Coinbase and the Linux Foundation are backing a new group that will steward an open standard for embedding payments into web ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Suspected North Korean hackers are believed to be behind an ongoing compromise of the widely used open-source package Axios, ...

The PinePhone and PinePhone Pro were great Linux-based phones, with an open hardware design and affordable hardware. Unfortunately, there’s still no follow-up model on the horizon, for a few different ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

The Integrated Management Controller (IMC) flaw gives attackers admin access and remote control over servers even when main ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...