On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
Google Chrome and other Chromium-based browsers, including Edge and Vivaldi, could soon get native support for video and ...
�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest [email protected] now pulls ...
Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
Microsoft releases TypeScript 6.0 with new defaults, breaking changes, and preparation for a faster Go-based 7.0 ...
The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results