Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Everything running on your PC uses system resources, so why tax it with unnecessary processes and programs you no longer need ...
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
The activity begins with the attackers distributing malicious VBS files via WhatsApp messages that, when executed, create ...
The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...
Hackers are using WhatsApp messages to deliver malware to Windows PCs, exploiting user trust and attachments to trigger ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
A fake Avast scan tells you your PC is infected, then installs the malware that steals passwords, session data and crypto ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results