Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A new exploit kit for iOS devices and delivery framework dubbed “DarkSword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps. DarkSword ...

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software ...

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...