Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...