On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

The right stack around Ollama is what made local AI click for me.

No more fighting an endless article backlog.

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public ...