DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
UAT-10362 spear-phishing targets Taiwanese NGOs in October 2025, deploying LucidRook malware for data exfiltration and ...
The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support ...
The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...
The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
This tiny app replaces Google Drive entirely.
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results