A prolific cybercrime group has been weaponizing n-day and zero-day exploits in high-tempo Medusa ransomware attacks over the ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

CISA Plans to Hire Over 300 Cybersecurity Professionals Nationwide The Cybersecurity and Infrastructure Security Agency (CISA ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Florida's Python Elimination Program pays certified hunters to remove the invasive snakes from the Everglades. Burmese pythons have caused a severe decline in native small mammal populations in South ...