Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...

Researchers boosted levels of a heart-healing hormone in mice and pigs with a single injection of a new, experimental form of self-amplifying RNA that prolonged hormone synthesis for many weeks. When ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

A single shot of self-amplifying RNA can repair tissue damage from a heart attack, new research in pigs and mice shows. It can take weeks or months to recover from a heart attack, but the new study ...