The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

A wave of high-impact cyber incidents has struck critical software and infrastructure worldwide, with state-linked groups exploiting supply chains, zero-day flaws, and legacy device vulnerabilities.

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, OpenAI has confirmed.

A hacker has compromised a little-known, but popular 2.4MB software package that's downloaded over 100 million times per week and is widely used across apps. The IT security community is sounding the ...