Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Spread the loveIn a significant security incident that has sent shockwaves through the developer community, a North Korean state-sponsored hacking group has successfully compromised the popular Axios ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...