North Korean hackers used an updated version of a known backdoor to target a popular npm package.

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

In my Sex, Drugs, and Artificial Intelligence class, I have strived to take a balanced look at various topics, including ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

The US cybersecurity agency CISA has flagged a critical code injection flaw in Langflow, the open-source visual framework ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Oracle WebLogic operators are under pressure to close a critical security gap after attackers began probing and exploiting a newly disclosed flaw on the same day public exploit code appeared, ...