On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

这不是一篇抨击文章。任何代码库都有技术债。但 Claude Code 是一个可以在你本机执行任意命令的产品，而它背后的公司融资超过 100 亿美元。有些设计选择，值得被公开讨论。 JSX 的嵌套深度达到 22 层（第 4604 行）。条件分支超过 ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

Turns out Windows errors can speak English. Who knew?

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Cybersecurity researchers at Kaspersky’s Global Research and Analysis Team (GReAT) have spotlighted a highly evolved banking ...

Those weird codes actually makes sense, just not to you.