Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
22d
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.
The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
The MarketWatch News Department was not involved in the creation of this content. -- ThreatDown's EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results