SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
TechRadar

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axios

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency “plain-crypto-js” deployed WAVESHAPER.V2 backdoor across Windows, macOS, and Linux ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
telecom.economictimes.indiatimes

OpenAI identifies security issue involving third-party tool, says user data was not accessed

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are ...