Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Nature

‘It’s a real shock’: quantum-computing breakthroughs pose imminent risks to cybersecurity

Two analyses suggest that quantum computers could crack ubiquitous security keys and cryptocurrencies before the decade is ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
Infosecurity-magazine.com

Infosecurity Magazine

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.