On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

AI note-taking apps try to think for you, but NotebookLM works with your sources instead, making answers easier to trust and ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A practical, hands-on guide to navigating deepfake technology and reducing the risks it poses to your business.

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Supply chain attacks feel like they're becoming more and more common.

If you're a cybersecurity enthusiast or ethical hacker who wants to learn more about building hacking tools, this book is for ...

Keep each script version focused on a single change type (patches for fixes, minors for features, majors for breaking changes). Retain all prior versions and never modify an existing release; copy to ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.