The North Korean threat actor behind the Axios supply chain attack has been targeting high-profile Node.js maintainers.
The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
The community is discussing rejecting AI contributions in open-source development. This is neither realistic nor ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...
Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Compare the top 5 customer identity and access management (CIAM) platforms in 2026 to find the right fit for your product's ...
LeakNet may be expanding its reach and scaling up, changing techniques and running campaigns directly, but the ransomware operator’s use of a repeatable post-exploitation sequence gives defenders a ...
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...
As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...
The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results