I keep reaching for my phone, and it’s not for scrolling.

There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Some projects need no complicated use case to justify their development, and so it was with [Janne]’s BeamInk, which mashes a ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

This shouldn’t work—but it absolutely does.

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler ...