Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Security researchers at Malwarebytes have uncovered a new malware campaign targeting Windows users with a fraudulent clone of Microsoft's site.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and Linux.

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about humans flying near the moon, Netflix refunding ...

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions of the widely used JavaScript HTTP client library.

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, impacting multiple OS.