GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Reducing energy costs without new capital investment: PG&E’s tool lending library for ...

The Tool Lending Library is a free program that gives PG&E customers access to a wide range of professional‑grade energy and ...

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The Japan Times

North Korea hackers suspected of attack on widely used software tool

Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous software package, cybersecurity ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

How AI has suddenly become much more useful to open-source developers

How AI has suddenly become much more useful to open-source developers ...
Cybernews

North Korean hackers behind axios critical supply chain attack, Google says

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

North Korea hackers suspected of attack on widely used software tool Axios

North Korea-linked hackers have launched a significant cyberattack on Axios, a popular JavaScript library, raising concerns ...
Infosecurity Magazine

Hackers Hijack Axios npm Package to Spread RATs

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...
Arabian Post

Axios breach jolts software supply chains

The malicious releases were available for about three hours before they were removed, but the brevity of the window has done little to calm alarm because Axios is one of the most heavily used HTTP ...