Techzine Europe

Axios supply chain attack victim posts postmortem to prevent a repeat

Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...
SecurityWeek

Guardarian Users Targeted With Malicious Strapi NPM Packages

A threat actor has used 36 malicious NPM packages posing as Strapi plugins to distribute malware targeting Redis, Docker, and ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.
The Hacker News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.
The New York Times

World News

Hezbollah, the Iran-backed militia Israeli forces are battling in Lebanon, avoided mention of the 10-day cease-fire but appeared to be adhering to it. A truce could remove an obstacle in U.S.-Iran ...
Space.com

International Space Station

Cities far below the International Space Station and stars far in the cosmic distance create ghostly trails of light in a long-exposure photograph from NASA astronaut Chris Williams.