Supply chain attacks feel like they're becoming more and more common.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Discover custom web development services that actually scale, helping businesses improve performance, flexibility, security, ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Java has endured radical transformations in the technology landscape and many threats to its prominence. What makes this ...