A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The attackers swapped the account's email address for an anonymous ProtonMail inbox and pushed the infected packages manually ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Thanks to the Prism Linux installer, I curated exactly the software I wanted and achieved the holy grail of out-of-the-box ...
JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...
Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results