The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...