Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...

Discover the details of the North Korean hack on Axios software. We explain how the UNC1069 group is stealing US ...

'This is unironically a malware nuclear missile.' ...

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...

A hacker has manipulated a widely-used JavaScript library, Axios, to distribute malware, potentially compromising millions of ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...