The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

If you're paying for software features you're not even using, consider scripting them.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

Hyderabad: For the first time since Telangana was formed, residents will be able to self-enumerate their houses online as part of the upcoming Census house listing exercise, marking a shift towards a ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...