SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
GIGAZINE

Google has identified North Korean hacker group 'UNC1069' as the perpetrators of a supply chain attack against the open-source Axios.

Google's security researchers have submitted a report investigating the Axios JavaScript library's supply chain attack that resulted in the installation of a remote access Trojan. Google has concluded ...
Hosted on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

The tactical sequence here is worth breaking down because it reveals a deliberate two-stage approach. First, the attackers did not try to brute-force their way into npm infrastruc ...