VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
The Hindu

The Axios Hack: How a single compromised account put millions of developers at risk

If you’ve ever built a website, run a startup, or shipped software of any kind in the last decade, there’s a good chance you’ve used axios. It’s one of those software tools that powers enormous chunks ...
Hosted on MSN

Singapore issues urgent warning after Axios supply chain breach

What happened?: Attackers took over a maintainer account for Axios and published malicious versions to npm, potentially impacting millions of downloads. Why it matters: CSA Singapore warns supply ...