A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Cryptopolitan on MSN
Hackers target crypto users with fake CAPTCHA
Crypto users are facing a new security threat via fake Cloudflare CAPTCHA pages. The attack installs an infostealer built to siphon crypto wallet data.
A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.
21d
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
A new cryptojacking malware campaign is targeting Docker environments using a novel mining technique, according to researchers from Darktrace and Cado Security Labs. The campaign demonstrates a trend ...
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results