Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Doom now runs over DNS, loading from nearly 2,000 text records

A recently released port of Doom can load into memory from Cloudflare without ever writing files to the disc. The project ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
TweakTown

The most boring protocol on the Internet can now run DOOM, loading from nearly 2,000 text records

DNS text records and a PowerShell script is the latest absurd way someone has managed to get the iconic first-person shooter ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...
Dark Reading

The Forgotten Endpoint: Security Risks of Dormant Devices

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
How-To Geek on MSN

4 reasons I can no longer use Windows as my daily driver

Windows was my mainstay OS for a long time, but broken updates and other problems forced a permanent switch to Linux ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Check Point: Market Prices Stagnation, But Partial Transition Can Drive Upside

Check Point Software is undervalued due to market mispricing of its transition potential amid a shifting cybersecurity ...