Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Microsoft

WhatsApp malware campaign delivers VBS payloads and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Bitdefender

The Scam That Tricks You Into Infecting Your Own Mac

With macOS 26.4, Apple is now warning users before they paste potentially dangerous commands into the Terminal app.
WinBuzzer

Claude Code Bug May Destroy Uncommitted Work Every 10 Minutes

Anthropic's Claude Code CLI has been found silently running git reset --hard every 10 minutes, destroying uncommitted changes ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Microsoft formally removes a command line tool from Windows 11 25H2, 24H2, 23H2, Windows 10

Microsoft has formally announced the death of a command-line tool on all versions of Windows 11, Windows 10, as well as ...