A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Learn the five core elements shaping intelligent automation in 2026, from orchestration and event-driven data flows to ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results