Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Dark Reading

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

The attackers swapped the account's email address for an anonymous ProtonMail inbox and pushed the infected packages manually ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Doom now runs over DNS, loading from nearly 2,000 text records

A recently released port of Doom can load into memory from Cloudflare without ever writing files to the disc. The project ...
Windows Latest

Microsoft to upgrade Windows Subsystem for Linux (WSL) with faster file access, better networking and easier setup

Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

New Windows 11 Canary builds bring plenty of Command Line improvements

A pair of new Windows 11 Canary builds is now available for testing, and one of them brings tons of Command Line improvements ...
Microsoft

WhatsApp malware campaign delivers VBS payloads and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...