Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results