Supply chain attacks feel like they're becoming more and more common.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...