Axios is a technology platform tracked across 16 threat clusters and 47 intelligence report mentions on ThreatCluster. First observed February 10, 2026; most recent activity July 1, 2026.
On July 1, 2026, security firm SlowMist identified a fake trading bot on GitHub designed to spread malware targeting Polymarket users and DeFi developers. The bot, named 'polymarket-arbitrage-bot', was promoted as a…
ESET's latest APT Activity Report reveals that from October 2025 to March 2026, China-aligned threat actors engaged in extensive espionage campaigns, particularly in Venezuela and the Gulf region. Following U.S.…
Microsoft's Threat Intelligence unit has issued a warning about a cyber campaign targeting cryptocurrency investors and software developers through compromised npm packages. The malware, embedded in two specific…
On June 5, 2026, Fedora released updates for NextCloud addressing two critical vulnerabilities: CVE-2026-42044 and CVE-2026-44167. CVE-2026-42044 involves JSON response tampering via prototype pollution in Axios, while…
The Glassworm botnet, which has targeted software developers since early 2025, was taken down in a coordinated operation by CrowdStrike, Google, and the Shadowserver Foundation on May 26, 2026. This botnet utilized…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group,…
OpenAI has identified a security issue involving the third-party developer library Axios, which was compromised on March 31, 2026, as part of a broader software supply chain attack. The attack did not result in any user…
On March 31, 2026, Anthropic inadvertently exposed the entire source code of its AI tool, Claude Code, by including a 59.8 MB source map file in a public npm package. This leak, caused by human error, allowed access to…
OpenAI confirmed a security breach affecting two employee devices due to a supply chain attack linked to the TanStack npm library, part of a broader campaign called Mini Shai-Hulud. The attack involved the publication…