Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The 'Discussions' section is being manipulated into delivering malware to software devs.

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

┌──────────────────────────────────────────────────────� ...