Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, ...
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...
A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Sir Keir Starmer says Donald Trump is seeking to "put pressure on me in different ways" - but has insisted that he won't ...
Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results