The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...
In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the ...
North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...
Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...
�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results