On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Following a 2025 season that generated 62.4 million in media reach and widespread national coverage for Patrick Shearn’s large-scale ...

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

For property owners and managers, the real risk is not just roof failure. It is making high-cost decisions too late, with ...

A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

'This is unironically a malware nuclear missile.' ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...