Security Boulevard

Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI

See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply chain attack. Learn how easy it is to automate configuration of scans, identify impacted assets, ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
scmp.com

Russia is luring students with large financial packages to join drone units

Students across Russia are being offered large financial incentives ⁠to join drone units fighting in Ukraine as operators and engineers, while companies in Russia’s central Ryazan region have been ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
Dallas Morning News

Prosper voters back downtown, street projects but reject rest in $192M bond election

Unofficial election results showed Prosper voters rejecting bond funding for the town's police headquarters, a library, parks and recreation projects and a public works service center, while they ...
appuals.com

Fix: “FMediaLibraryView.dll was not found” Error in Wondershare Filmora

The error message “The code execution cannot proceed because FMediaLibraryView.dll was not found” appears when Wondershare Filmora fails to locate or load an ...
GitHub

Zygisk Library Loader

NepMods Zygisk Library Loader is a lightweight Zygisk module that conditionally injects a native shared library (libxxx.so) into target Android app processes. Configuration is managed via a JSON file ...
CNX Software

Raspberry Pi CM0 castellated module features Raspberry Pi RP3A0 System-in-Package

Raspberry Pi CM0 is a yet-to-be-officially-announced castellated Compute Module based on the Raspberry Pi RP3A0 SiP (System-in-Package) found in the Raspberry Pi Zero 2 W and Raspberry Pi Compute ...
The Chronicle

Duke cut librarians. It never told the faculty they worked with

When faculty returned to campus this fall, some found their subject librarians were no longer with them. The personnel cuts had not been communicated to or discussed with faculty in advance. Members ...