The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
Hosted on MSN

Tennessee set to execute woman for first time in over 200 years

If Christa Pike's execution is carried out, she would be the first woman executed in Tennessee in 200 years and the 19th woman in modern U.S. history. Iran gives Trump an ultimatum on JD Vance Map ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
PC World

Installing an AI assistant on your PC? 5 do’s and don’ts

PCWorld examines essential safety practices for new personal AI assistants like Claude Cowork and Perplexity’s Personal Computer that offer extensive desktop control capabilities. These AI tools can ...