The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...
A newer DarkSword exploit leak makes hacking outdated iPhones easier, exposing hundreds of millions of devices to risk.
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
The launch of Moltbook, a social network for AI agents, will go down as the most intriguing mass agentic AI experiment we’ve ...
A leaked hacking tool called DarkSword could expose older iPhones and iPads to attacks through malicious links and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results