VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
DataBreachToday

How AI Supply-Chain Monitor Spotted Unfolding Axios Attack

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
Hosted on MSN

Global cyberattacks exploit critical software flaws

A wave of high-impact cyber incidents has struck critical software and infrastructure worldwide, with state-linked groups exploiting supply chains, zero-day flaws, and legacy device vulnerabilities.
Hosted on MSN

Google links North Korea to major Axios supply chain hack

Google has attributed a critical supply chain attack on the widely used Axios JavaScript library to North Korean hacking group UNC1069. The breach inserted a backdoor into two Axios versions, ...