CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
GitHub

GitHub - GChuf/RCWM: Right Click Windows Magic is an open-source set of right-click (context) menu tools for admins, power users and other magic beings. Batch&Powershell. · GitHub

GitHub - GChuf/RCWM: Right Click Windows Magic is an open-source set of right-click (context) menu tools for admins, power users and other magic beings. Batch&Powershell. · GitHub GChuf / RCWM Public ...
GitHub

wietze/powershell-securestring-decoder

This is a simple web app for decoding ConvertFrom-SecureString outputs. The code is minimalist by design (no JavaScript frameworks are used, just pure JavaScript) and does not rely on external ...