A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Anthropic’s leak of proprietary Claude Code sparked the developer community to group around “claw-code,” the fastest-growing ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

大家好，我是程序员晚枫。最近我在后台私信里，收到了太多职场朋友的无奈吐槽：“枫哥，我每天都在做表，感觉自己像个无情的复制粘贴机器！”“每天因为整理数据、合并文档加班到深夜，谈恋爱的时间都没有！”其实，我特别理解大家的处境。在这个节奏飞快的时代，如果你 ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Malwarebytes discovered Infiniti Stealer - a new piece of malware targeting macOS devices.

Security teams are scrambling after two malicious releases of the Telnyx Python SDK were uploaded to PyPI on March 27, turning a widely used developer tool into a credential-stealing backdoor that ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...