arrow_back
search
close

Content has been added to your Folio

Research, News, and Perspectives

Add Filters
Filter by:
Threats
Environments
Article Type
Medium
Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
Cyber Threats

Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads

A supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, making detection challenging.

Mar 31, 2026

Trending Topics

Malware

TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM

Artificial Intelligence (AI)

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise

APT & Targeted Attacks

Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities

Artificial Intelligence (AI)

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks.

Research Apr 03, 2026

Save to Folio

Research Apr 03, 2026

Save to Folio

Artificial Intelligence (AI)

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks.

Research Apr 03, 2026

Save to Folio

Research Apr 03, 2026

Save to Folio

Privacy & Risks

TrendAI Insight: New U.S. National Cyber Strategy

TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development.

Latest News Apr 01, 2026

Save to Folio

Latest News Apr 01, 2026

Save to Folio

Artificial Intelligence (AI)

The Real Risk of Vibecoding

This blog looks at how AI‑driven vibecoding speeds up software development while increasing security risk by outpacing traditional review and ownership. It explains why security needs to move earlier and be built into modern development workflows.

Expert Perspective Mar 31, 2026

Save to Folio

Expert Perspective Mar 31, 2026

Save to Folio

Artificial Intelligence (AI)

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise

TeamPCP orchestrated one of the most sophisticated multi-ecosystem supply chain campaigns publicly documented to date. It cascaded through developer tooling and compromised LiteLLM and exposed how AI proxy services that concentrate API keys and cloud credentials become high-value collateral when supply chain attacks compromise upstream dependencies.

Latest News Mar 26, 2026

Save to Folio

Latest News Mar 26, 2026

Save to Folio

Trend Vision One™ - Proactive Security Starts Here.

Resources

Support

About Trend

Country Headquarters

  • Trend Micro - United States (US)
  • 225 East John Carpenter Freeway
    Suite 1500
    Irving, Texas 75062
  • Phone: +1 (817) 569-8900

Select a language

close

Experience our enterprise cybersecurity platform for free

Copyright ©2026 Trend Micro Incorporated. All rights reserved.