Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Techzine Europe

Axios supply chain attack victim posts postmortem to prevent a repeat

Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...
HHS

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...
Cryptopolitan on MSN

Axios supply chain attack raises risk to crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.

OpenAI responds to Axios HTTP hack by updating security certificates.

When hackers got access to an account belonging to the maintainer of Axios they inserted a script that granted remote access to users’ Windows, macOS, and Linux devices. This malicious version ...