A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
A new scam involving fake CAPTCHA boxes is tricking people into downloading malware that can steal sensitive information.
A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.
Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
The Oakland-born actress co-stars with Robert Pattinson in the latest from provocateur director Kristoffer Borgli.
DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results