A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...

A new macOS malware campaign uses a fake CAPTCHA ClickFix trick to lure users into running Terminal commands, delivering a stealthy infostealer compiled with Nuitka ...

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler ...

An incident of LinkedIn malware means jobseekers and employers need to take more care with their applications and ...