Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
XDA Developers on MSN
I automated my entire read-it-later workflow with a local LLM so every article I save gets summarized overnight
No more fighting an endless article backlog.
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Ventoy, which is an alternative to the popular USB media creation utility app Rufus, has received a major milestone update ...
Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results