SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Infosecurity Magazine

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

A .NET-based infostealer sold as part of a commercial cybercrime toolkit that bundles a stealer, crypter and remote access ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Tech Xplore on MSN

Vibrations in your skull may be your next password

A team led by Rutgers University researchers has developed a security system that could change how people log in to virtual ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Skull vibrations could be your next password

Even with a password manager, remembering all of that log in information can be difficult. Using a fingerprint, eye, or other ...
SecurityWeek

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials are fueling ransomware, SaaS breaches, and nation-state attacks, as infostealers and AI drive a surge in ...