On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat ...
The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...
After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...
A hacker inserted malware in Axios, an open source web tool downloaded tens of millions of times weekly, in a widespread hack ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.
OX Security reported a phishing campaign targeting developers using OpenClaw's name to lure victims into a fake site for ...
The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results