Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
20d
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.
Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
Agents run amok: Identity lessons from Moltbook’s AI experimentThe late January launch of Moltbook, a social network for AI agents, will go down as the most intriguing mass agentic AI experiment we’ve ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.
Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results