Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...

Claude Mythos autonomously found zero-days in OpenBSD, FFmpeg, FreeBSD and major browsers that survived decades of expert ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...