Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Google has issued an update alert for 3.5 billion Chrome browser users following confirmation of a new zero-day attack ...

Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Explore Homebrew Statistics to uncover key usage trends, installs, and growth insights that help developers make smarter decisions.

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...