Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

A new stealthy JavaScript loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. The novel loader was quick to establish ...

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns. A team at HP Wolf named the tool “RATDispenser,” and ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

2:00 PM -- In the beginning, there was application security. All ports were open to the world and practically every application had holes in it. It was like the Wild West. Eventually application ...

Understanding how malware attacks work is vital to defend against them. To ease this process, threat analysts have developed models that map the stages of cybersecurity attacks, allowing defenders to ...

Threat protection startup Deep Instinct Ltd.’s Threat Research Lab today provided details of a new strain of JavaScript-based dropper that delivers two forms of malware onto victims’ computers. Dubbed ...