Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

How to Find Out Whether Your Computer Is Part of a Botnet—and What to Do About It

WSJ’s Robert McMillan breaks down why residential proxy software are so bad, and how to check if the malware is installed on ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

After fighting malware for decades, this cybersecurity veteran is now hacking drones

Mikko Hyppönen is one of the most recognizable faces of the cybersecurity industry. After fighting computer viruses, worms, ...

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

Hackers are using WhatsApp messages to deliver malware to Windows PCs, exploiting user trust and attachments to trigger ...

North Korea-linked hack hits largely invisible software that powers online services

By AJ Vicens March 31 (Reuters) - Hackers linked to North Korea breached behind-the-scenes software that runs many common ...

Everything you need to know about the malware stealing data from Mac users

Mac users have a new malware threat to be on the watch out for. According to a new report by Malwarebytes, Infiniti Stealer ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
CoinDesk

Maryland man charged in $50 million Uranium Finance hack after U.S. seized $31 million in crypto

Prosecutors say Jonathan Spalletta exploited smart contract bugs twice in April 2021, laundering funds through Tornado Cash ...

Man admits to locking thousands of Windows devices in extortion plot

A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed ...