The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require users to update their macOS certificates.

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently ...

A wave of high-impact cyber incidents has struck critical software and infrastructure worldwide, with state-linked groups exploiting supply chains, zero-day flaws, and legacy device vulnerabilities.

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, OpenAI has confirmed.

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Google's security researchers have submitted a report investigating the Axios JavaScript library's supply chain attack that resulted in the installation of a remote access Trojan. Google has concluded ...