BestHub
Sign in
Code Mala Tang
Code Mala Tang
Mar 31, 2026 · Information Security

How Malicious Axios Versions Hijacked NPM: A Deep Supply‑Chain Attack Analysis

StepSecurity uncovered a sophisticated supply‑chain attack on the popular Axios HTTP client where compromised maintainer credentials were used to publish malicious versions that injected a hidden postinstall RAT, evaded detection, and executed platform‑specific payloads before self‑destructing, prompting detailed forensic and remediation guidance.

AxiosHarden-RunnerRAT
0 likes · 31 min read
How Malicious Axios Versions Hijacked NPM: A Deep Supply‑Chain Attack Analysis
Sohu Tech Products
Sohu Tech Products
Sep 6, 2023 · Information Security

Unveiling DarkComet: In‑Depth Static & Dynamic Analysis of a Delphi RAT

This article provides a comprehensive technical breakdown of the DarkComet remote‑access trojan, covering its classification, Delphi‑based static characteristics, step‑by‑step dynamic behaviors such as hidden startup, file dropping, registry auto‑run, QQ data harvesting, SMS bombing, plus extracted IOCs and practical mitigation recommendations.

DarkCometDelphiIoC
0 likes · 9 min read
Unveiling DarkComet: In‑Depth Static & Dynamic Analysis of a Delphi RAT