The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Make Tech Easier

ShellGPT: Turn Your Words into Terminal Commands

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.
Security Boulevard

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Cybernews

Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
Electronics For You

JOB: Firmware Validation Engineer At kasadara In Bengaluru

This role offers hands-on exposure to Smart Energy Metering, IoT systems, Embedded Linux validation, and Microsoft Azure ...