On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The right stack around Ollama is what made local AI click for me.

No more fighting an endless article backlog.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...