Imagine trusting an update to safeguard your site—only for it to unleash a horde of backdoors. That's the nightmare hackers delivered via Smart Slider 3 Pro, hitting nearly a million WordPress installs.
Imagine firing up npm install for a quick Strapi tweak, only to hand attackers your database keys and a persistent foothold. That's the nightmare 36 malicious packages just unleashed on unsuspecting devs.
We all figured Axios was untouchable, that rock-solid HTTP client millions rely on. But hackers didn't crack code—they conned humans, at industrial scale.
North Korean hackers didn't just breach an npm account—they hijacked Axios, a package pulled 100 million times weekly, and laced it with self-deleting malware. This week's threats expose how attackers are betting big on the software build process.
What if the next update to your favorite npm package came laced with North Korean spyware? That's exactly what happened to Axios — and it started with a too-perfect Slack invite.
Databricks is scrambling to verify a potential TeamPCP breach, while the group unleashes dual ransomware tracks and dumps AstraZeneca data for free. This isn't just another hack—it's a monetization masterclass.
Mercor just admitted it: TeamPCP's LiteLLM poison pill hit hard. Wiz peels back the post-breach playbook, showing how attackers feast on cloud creds.
One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.
Attackers slipped infostealers into GitHub Actions and PyPI, turning vulnerability scanners against their users. Over 500,000 machines lost cloud tokens, SSH keys, and Kubernetes secrets in this escalating nightmare.