Google fixes fourth Chrome zero-day exploited in attacks in 2026

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Security Boulevard

Google Says North Korea Was Behind the Axios npm Supply Chain Attack

A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Apple expands iOS 18 updates to more iPhones to block DarkSword attacks

Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axi…

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...
Infosecurity Magazine

Hackers Hijack Axios npm Package to Spread RATs

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...
Computing

Hackers compromise Axios, one of the most widely used software libraries

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...
Foreign Affairs

A War’s Unintended Consequences—for Iran, the Middle East, and the Global Order

At a February 2026 gathering to commemorate the revolution that ushered in Iran’s Islamic Republic, the country’s supreme leader, Ayatollah Ali Khamenei, struck a reflective note. He remarked that it ...