Google says North Korean hackers behind major attack on Axios

North Korean hackers used an updated version of a known backdoor to target a popular npm package.
The New Indian Express

Tamil Nadu to conduct digital Census 2027 self-enumeration from July 17, house listing from ...

CHENNAI: The self-enumeration exercise for Census 2027 will run for 15 days, from July 17 to 31, in Tamil Nadu. The House Listing Operations shall be conducted from August 1 to 30 (30 days) this year.
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Is Avi Lewis’s NDP doomed? Don’t write the obituary just yet

More than a few voters could find themselves unsatisfied with the Liberals and open to a hard-left turn in future elections ...
Infosecurity Magazine

CISA Orders US Government to Patch Maximum Severity Cisco Flaw

The US Cybersecurity and Infrastructure Security Agency (CISA) has told all federal civilian agencies to patch a critical ...