Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
CSO Online 31.03.2026 20:45
Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious versions of the package that deployed a cross-platform remote access trojan on developer machines. The incident represents the highest-impact npm supply chain attack on record given Axios’ approximately 100 million weekly downloads and its presence in frontend frameworks, backend services, and countless enterprise applications.
Luckily the trojanized versions, axios@1.14.1 and axios@0.30.4, were detected by multiple security companies monitoring the npm registry within minutes of publication, triggering a rapid response that saw the malicious packages removed by the npm team two to three hours later. That said, given the high download activity this project sees, the short time window was enough to impact a significant number of developer environments.
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
CSO Online 31.03.2026 18:46
A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is now under active exploitation. Hackers are using it to deploy a persistent malware program that runs with root privileges.
The CVE-2025-53521 vulnerability was first disclosed in October 2025 as a DoS issue with a CVSS severity score of 7.5. F5 updated the advisory Friday, reclassifying it as remote code execution and raising its score to CVSS 9.8 in light of “new information” it has received. The same day, CISA added the flaw to its Known Exploited Vulnerabilities (KEV) catalog and the Netherlands Cyber Security Centre reported seeing active exploitation.
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
The Hacker News 31.03.2026 16:03
A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos.
The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,
Telegram: Back-and-forth over a critical or high-risk security vulnerability
Heise Security 31.03.2026 12:14
IT researchers have identified a supposedly critical zero-click vulnerability in Telegram. Telegram disputes this.
NCSC Urges Immediate Patching of F5 BIG-IP Bug
Infosecurity Magazine 31.03.2026 08:45
The National Cyber Security Centre wants UK firms to patch CVE-2025-53521
Around 30,000 instances online: Citrix systems under attack
Golem 31.03.2026 07:18
A critical security vulnerability endangers countless Citrix NetScaler instances. Attackers are already exploiting it. Full compromise is a possible outcome. (Security vulnerability, Citrix)