Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Infosecurity Magazine

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

A .NET-based infostealer sold as part of a commercial cybercrime toolkit that bundles a stealer, crypter and remote access ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Microsoft

WhatsApp malware campaign delivers VBS payloads and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...