A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Crypto users are facing a new security threat via fake Cloudflare CAPTCHA pages. The attack installs an infostealer built to ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler ...

A new macOS malware campaign uses a fake CAPTCHA ClickFix trick to lure users into running Terminal commands, delivering a stealthy infostealer compiled with Nuitka ...

An incident of LinkedIn malware means jobseekers and employers need to take more care with their applications and ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.