Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
GitHub

vcpkg install fails behind proxy with schannel error 0x80092012

I am behind corporate Trend Micro proxy (TMWS) on Windows 11 24H2. HTTP_PROXY, HTTPS_PROXY and NO_PROXY environment variables are configured correctly. With the ...
Bleeping Computer

Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing’s AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...