Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
Learn how React Native Mobile simplifies iOS and Android app creation using the versatile mobile app framework with Expo CLI ...
Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results