A critical breakdown in one of the most trusted Node.js sandbox libraries is putting countless applications … vm2 Vulnerabilities Enable Full System TakeoverRead more
npm security
Malicious “tanstack” Package Hijacks npm to Steal Dev Secrets
On April 29, 2026, a highly targeted supply chain attack hit the JavaScript ecosystem. An attacker … Malicious “tanstack” Package Hijacks npm to Steal Dev SecretsRead more
Mitigating OpenClaw Vulnerabilities: A Guide to AI Agent Security
The rapid adoption of Autonomous AI agents has introduced a new frontier for cyberattacks. Recently, researchers … Mitigating OpenClaw Vulnerabilities: A Guide to AI Agent SecurityRead more
Software Supply Chain Crisis: Checkmarx and Bitwarden Hijacked by TeamPCP
In what is being described as one of the most aggressive supply chain campaigns of 2026, … Software Supply Chain Crisis: Checkmarx and Bitwarden Hijacked by TeamPCPRead more
Bitwarden CLI Supply Chain Attack Exposes CI/CD Secrets
A critical supply chain attack targeting Bitwarden CLI has raised serious concerns across DevSecOps environments and … Bitwarden CLI Supply Chain Attack Exposes CI/CD SecretsRead more
NPM Supply Chain Attack Spreads CanisterWorm Malware
A dangerous new npm supply chain attack has emerged, compromising packages linked to Namastex.ai and delivering … NPM Supply Chain Attack Spreads CanisterWorm MalwareRead more
Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide
On March 31, 2026, the cybersecurity community faced a major wake-up call when a widely trusted … Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide Read more
Malicious Axios Package Delivers WAVESHAPER.V2 Backdoor in Supply Chain Attack
A major software supply chain attack has impacted the JavaScript ecosystem after threat actors compromised the … Malicious Axios Package Delivers WAVESHAPER.V2 Backdoor in Supply Chain AttackRead more