A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
The Raspberry Pi 5 is several times faster than previous models of the compact and cheap computer. For less than a couple ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results