Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Infosecurity Magazine

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...
SecurityWeek

New DeepLoad Malware Dropped in ClickFix Attacks

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...

AI malware threatens Windows 11 security. Traditional antivirus can’t keep up

AI-powered fileless malware is changing what it means to keep a Windows 11 PC secure. Here's what's happening and what to do.
Dark Reading

Venom Stealer MaaS Platform Commoditizes ClickFix Attacks

A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social ...
Dark Reading

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...
Business.com on MSN

PowerShell basics: Programming with loops

Learn how to use PowerShell "for" loop to automate tasks in Windows PowerShell. Includes syntax, examples, loop comparisons ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

84% of attacks abuse legitimate tools across 700,000 incidents, expanding internal attack surfaces and evading detection ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Gadget Review on MSN

Hackers turn "I'm not a robot" tests into malware trap scams – here's how

Hackers weaponize CAPTCHA tests to install malware that steals browser passwords and cryptocurrency wallets through fake ...