Cyber Daily

Your developers work for cyber gangs

In-house software built in March with open-source components may include malware placed there by criminals. This isn’t a ...
Silicon CanalsOpinion

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain ...

The most widely used JavaScript HTTP library on the internet — embedded in millions of production applications, relied on by ...
Silicon Canals

A three-hour window: North Korean hackers compromised the Axios library and exposed ...

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Glut of new build homes starts to unhinge the Alberta market

Record number of completions creates backlog of unsold, new-build inventory that is out of reach for first-time buyers ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Reducing energy costs without new capital investment: PG&E’s tool lending library for ...

The Tool Lending Library is a free program that gives PG&E customers access to a wide range of professional‑grade energy and ...
Computing

Hackers compromise Axios, one of the most widely used software libraries

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...