Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...
A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...
Explore Homebrew Statistics to uncover key usage trends, installs, and growth insights that help developers make smarter ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results