Threat Digest

Abstract representation of a tangled web of code, with red nodes indicating security breaches and interconnected lines showing propagation.

npm's 'Nuisance' Era is Over: The Rise of Wormable Attacks

The days of worrying about minor npm annoyances are long gone. A chilling new breed of self-replicating malware is reshaping the threat landscape, turning the developer's trusted toolkit into a weapon.

6 min read 3 weeks, 6 days ago

Digital assembly line depicting hackers scaling social engineering attacks on NPM maintainers like the Axios incident

Vulnerabilities & CVEs

Axios NPM Hijack: When Social Engineering Goes Factory-Scale

We all figured Axios was untouchable, that rock-solid HTTP client millions rely on. But hackers didn't crack code—they conned humans, at industrial scale.

5 min read 1 month, 2 weeks ago

#npm-security

npm's 'Nuisance' Era is Over: The Rise of Wormable Attacks

Axios NPM Hijack: When Social Engineering Goes Factory-Scale