The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Truelist Launches Free, Open-Source Developer Tools for Email Validation

Truelist releases 20+ free, open-source SDKs and framework integrations for email validation — Node, Python, React, ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Evansville Courier & Press

Consumer Protection Networks Announces Partnerships with SurePay & Equity Sales Finance to Expand Client Payment Options

Consumer Protection Networks partners with SurePay and Equity Sales Finance to offer flexible payment options for timeshare exit services. CONROE, TX, UNITED STATES ...