Supply chain attack hits Axios npm releases, users urged to rotate keys

Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

The attackers swapped the account's email address for an anonymous ProtonMail inbox and pushed the infected packages manually ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Mining Weekly

Mercedes-Benz: Building Mzansi’s Tomorrow, Piece by Massive Piece

In the world of engineering, precision matters most to those in the industry. When South Africa's most ambitious ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...

Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

SSM Health Dean sues orthopedic surgeons leaving to start competing practice

SSM Health Dean was a planning an orthopedics ambulatory surgery center, which the new group says it will now build, along ...

GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...
Techzine Europe

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...