A breach Tuesday of the widely used Axios software library is the latest in a string of incidents exposing risks in the systems that underpin how modern software is built. Developers use Axios to ...

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and Linux. Version 1.14.1, released by the attackers on March 30, is affected.

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Federal prosecutors charged three men linked to Super Micro Computer Inc. in a sweeping scheme to smuggle billions of dollars in U.S. artificial intelligence technology to China using fake documents, ...

Seoul : Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, Google analysts and other cybersecurity experts said Wednesday. The ...

Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.