Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Windows Report

Hackers Spread Malware on GitHub Using Fake VS Code Alerts

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.
Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
Fleet World

Vauxhall launches Grandland Plug-in Hybrid at same price as hybrid model

Vauxhall has completed the electrified line-up for its flagship Grandland SUV with the arrival of a plug-in hybrid model.

DarkSword leak puts millions of iPhone users at risk

A leaked hacking tool called DarkSword could expose older iPhones and iPads to attacks through malicious links and ...

The White House launched its own app with a glaring privacy issue

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

NCAA approves suspensions for coaches and fines for schools that take ‘ghost transfers’

The NCAA Division I Cabinet on Wednesday approved emergency legislation that will severely penalize coaches and schools that ...
The Hacker News

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

The activity begins with the attackers distributing malicious VBS files via WhatsApp messages that, when executed, create ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...