A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...
A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...
Learn the five core elements shaping intelligent automation in 2026, from orchestration and event-driven data flows to ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results