On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

DNS text records and a PowerShell script is the latest absurd way someone has managed to get the iconic first-person shooter ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Windows 11 KB5086672 is now rolling out as an optional update with several notable improvements after March 2026 update ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

What's next, a literal potato? Oh yeah. Done that.

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...

A recently released port of Doom can load into memory from Cloudflare without ever writing files to the disc. The project ...