Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

'This is unironically a malware nuclear missile.' ...

Google patched Chrome zero-day CVE-2026-5281, but the bigger story is WebGPU risk and how modern browsers are starting to ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Collaboration platforms are central to modern enterprise workflows, handling everything from project tracking to internal ...

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

AI is rapidly reshaping industries across Canada, and organizations that move beyond experimentation are already seeing a ...