
Supply Chain Attack Hits Axios NPM Packages
Axios is a dependency in nearly 80% of all cloud and code environments and sees approximately 100 million downloads per week.

April 1, 2026 | 4 min read

Command Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens
The bug is a command injection issue and lies in the way that Codex processed GitHub branch names during the execution of tasks.
March 30, 2026 | 3 min read

TeamPCP’s Supply Chain Attack Spree Continues
TeamPCP’s latest victim is the Telnyx Python SDK on PyPI, coming after a wave of supply chain hits on Aqua Trivy, Checkmarx KICS/OpenVSX, and LiteLLM.
March 27, 2026 | 3 min read
April 1, 2026 | 1 min read
March 18, 2026 | 1 min read
Technology moves quickly, and as we’re discovering yet again, threat actors move just as quickly, and are adopting AI tools and platforms at an astonishing rate.
DoJ Sentences Russian Initial Access Broker to 6 Years in Prison
Aleksei Volkov, 26, has been sentenced to almost seven years in prison for his role in facilitating Yanluowang ransomware group attacks.
Wendy Nather joins Dennis Fisher to dig into the nutrient-rich narrative soil that produced a modern classic that truly epitomizes the hacker ethos. We are the greatest podcasters on Mars!
EU Sanctions Iranian and Chinese Companies for Targeting Member Nations
The new sanctions list includes two China-based technology companies, two of their co-founders, and an Iranian firm, all implicated in a range of attacks from corporate espionage and critical infrastructure disruption to disinformation campaigns.