SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
Hosted on MSN

Global cyberattacks exploit critical software flaws

A wave of high-impact cyber incidents has struck critical software and infrastructure worldwide, with state-linked groups exploiting supply chains, zero-day flaws, and legacy device vulnerabilities.
Hosted on MSN

North Korean hackers hit major software tool

Google and cybersecurity firms have linked a major supply chain attack on the popular open-source Axios JavaScript library to North Korea’s UNC1069 group. The breach allowed malicious code to be ...
DataBreachToday

How AI Supply-Chain Monitor Spotted Unfolding Axios Attack

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

OpenAI Confirms Security Incident—Mac Users Must Update All Apps Now

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, OpenAI has confirmed.