Hackers compromise Axios npm package to drop cross-platform malware

Hackers Use Poisoned Axios Package and Phantom Dependency to Spread Cross-Platform Malware

itsecuritynews.info - 06/Apr 12:07

One of the most widely used JavaScript libraries in the world was turned into a weapon on March 30, 2026, when attackers poisoned the Axios npm...

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

itsecuritynews.info - 04/Apr 12:02

A highly coordinated social engineering campaign is actively targeting top open-source developers in the Node.js and npm ecosystem. Following the...

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

itsecuritynews.info - 04/Apr 12:02

A highly coordinated social engineering campaign is actively targeting top open-source developers in the Node.js and npm ecosystem. Following the...

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

bleepingcomputer.com - 10/Apr 13:12

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the...

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

bleepingcomputer.com - 10/Apr 13:12

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the...

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

itsecuritynews.info - 03/Apr 12:36

The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering...

Mitigating the Axios npm supply chain compromise

itsecuritynews.info - 01/Apr 22:31

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates...

Mitigating the Axios npm supply chain compromise

itsecuritynews.info - 01/Apr 22:31

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates...

Hackers Use ClickFix Lure to Drop Node.js-Based Windows RAT With Tor-Powered C2

itsecuritynews.info - 07/Apr 18:09

A fresh wave of cyberattacks is targeting Windows users through a deceptive social engineering technique called ClickFix. Attackers use a fake browser...

Axios npm hack used fake Teams error fix to hijack maintainer account

bleepingcomputer.com - 04/Apr 20:30

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social...

Rubriques :

Hackers compromise Axios npm package to drop cross-platform malware

Articles similaires

Hackers Use Poisoned Axios Package and Phantom Dependency to Spread Cross-Platform Malware

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Mitigating the Axios npm supply chain compromise

Mitigating the Axios npm supply chain compromise

Hackers Use ClickFix Lure to Drop Node.js-Based Windows RAT With Tor-Powered C2

Axios npm hack used fake Teams error fix to hijack maintainer account

Les derniers communiqués