Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Why the axios supply chain attack should have Apple worried

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
The Financial Express

Somebody publicly posted an iPhone hack kit that puts millions of you at risk

Once a victim is exposed to a malicious link, the exploit gains filesystem access and exfiltrates data to an ...
PCMag on MSN

Update your iPhone now: New 'DarkSword' hack targets older iOS 18 versions

Beware! Shadowy attackers have been using an iOS exploit to hack vulnerable devices.

'I was naive', says minister who quit over Labour Together claims

Josh Simons resigned after facing claims a think tank he used to run commissioned a report into journalists' backgrounds.
GovInfoSecurity

Cryptohack Roundup: AppsFlyer SDK Breach Enabled Theft

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

iPhone exploit DarkSword has been released in the wild: How to protect yourself

Uh-oh. Now anyone can easily use it.
Infosecurity Magazine

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser ...