Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply chains.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
TWCN Tech News

Bulk install Windows apps with Winstall GUI for Windows Package Manager

Winstall is a website that can create a script based on app selection. When you run this script on Windows 10 PC, it will install all the apps you had selected on the website. While it lists some of ...
TWCN Tech News

Error 0x80070666 when installing Microsoft Visual C++

You may encounter Error 0x80070666 when installing Microsoft Visual C++ redistributable package on your Windows 11 or Windows 10 computer. In this post, we will ...
Virtualization Review

Running AI Natively on Windows 11 Using an eGPU

Tom Fenton reports running Ollama on a Windows 11 laptop with an older eGPU (NVIDIA Quadro P2200) connected via Thunderbolt dramatically outperforms both CPU-only native Windows and VM-based ...
IGN

The Best Streaming Bundles to Combine Services in 2026

Ever since digital streaming was introduced, companies like Disney, Warner Bros, Netflix, and Amazon have been finding new ways to "revolutionize" monthly subscriptions, which has more or less come ...