Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

The key is that researchers can see how Claude Code is meant to work but cannot recreate it because the leak does not include ...

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

North Korean hackers compromised the widely used Axios JavaScript library to infiltrate US companies and steal cryptocurrency ...

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...