Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.
The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
The rapid adoption of Generative AI Applications across enterprises has transformed productivity, automation, and decision-making. AI tools now power daily workflows by drafting emails, writing code, ...
Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, impacting multiple OS.
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...
Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results