Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
SecurityWeek

Guardarian Users Targeted With Malicious Strapi NPM Packages

A threat actor has used 36 malicious NPM packages posing as Strapi plugins to distribute malware targeting Redis, Docker, and ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Infosecurity Magazine

Hackers Hijack Axios npm Package to Spread RATs

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Security firm Socket advised developers to check dependencies for affected Axios versions and remove or roll back compromised ...