The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
Cloudflare Inc. today announced an expansion of its Agent Cloud with new features that are designed to help developers build, deploy and scale agents. The new release includes a suite of ...
DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Cryptopolitan on MSN
Axios supply chain attack raises risk to crypto wallets
Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results