Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Doom now runs over DNS, loading from nearly 2,000 text records

A recently released port of Doom can load into memory from Cloudflare without ever writing files to the disc. The project ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
GitHub

Browse Windows Package Manager packages, select what you need, and export them for quick installation.

Winget Export provides an interface for browsing Windows Package Manager (winget) packages. The package list is updated every day to ensure an access to the latest available packages. You can search ...