DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Some projects need no complicated use case to justify their development, and so it was with [Janne]’s BeamInk, which mashes a ...

OpenClaw, an open-source AI agent with a red lobster logo, has sparked a nationwide craze in China in early 2026.Unlike ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

RS South Africa has been named Master Distributor for the Arduino UNO Q. This appointment follows RS’s recognition at the Arduino Partner Conference in Milan, where it received two prestigious awards: ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

AI voice cloning is now practical for creators. It can save time, scale content, and improve consistency when used right.Not ...

archinstall 4.0 replaces the curses interface with Textual, adds firewall and UKI support, and fundamentally modernizes the ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

事件概述2026 年 3 月 31 日，著名云安全平台 StepSecurity 监测到，在 JavaScript 生态系统中最受欢迎的 HTTP 客户端库 Axios（每周下载量超 3 亿次）遭遇了严重的供应链攻击。攻击者劫持了 Axios ...