Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Fleet World

Vauxhall launches Grandland Plug-in Hybrid at same price as hybrid model

Vauxhall has completed the electrified line-up for its flagship Grandland SUV with the arrival of a plug-in hybrid model.
Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

DarkSword leak puts millions of iPhone users at risk

A leaked hacking tool called DarkSword could expose older iPhones and iPads to attacks through malicious links and ...
The Register-Herald

The Latest: Artemis II astronauts strap into the Orion capsule, continue with launch prep

The astronauts are in the capsule and in place for the Artemis II mission. NASA’s planned lunar fly-around by four astronauts ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Google Confirms High-Risk Update For 3.5 Billion Chrome Users

Nearly all 3.5 billion Chrome browser users will soon see a ‘high-risk’ security update from Google. Here’s what you need to ...
The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.
Morning Overview on MSN

Apple says Lockdown Mode has blocked mercenary spyware attacks so far

Apple says its Lockdown Mode is designed to protect high-risk iPhone users from sophisticated surveillance tools, and ...
ABC57

Local expert weighs in on landmark social media decisions

Two landmark trials this week and two losses for social media giants. In the Los Angeles case, a jury found Meta and YouTube, which is owned by Google, negligent for designing apps that harmed kids ...