The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

Pro-Iran groups have used artificial intelligence to create slick internet memes in English to try to shape the narrative ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Perforce Software, the modern DevOps Tech Stack that ensures AI governance, announced the release of the 2026 PHP Landscape ...

A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat actor, turning what already looked like a serious open-source incident ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...

LLMs are quietly reshaping data journalism workflows at The Hindu, helping reporters process vast document sets, write ...

LinkedIn is facing two lawsuits over its practice of scanning users’ browsers to determine which extensions they’re running.

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions of the widely used JavaScript HTTP client library.