Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
標的プラットフォームはWindows、macOS、Linuxとされ、主要なプラットフォームをすべて侵害可能とされる。そのため、当該バージョンのaxiosを直接インストールした場合や、axiosを利用しているパッケージや製品をインストールした場合は侵害 ...
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
はじめに:これは「エンジニアの話」ではない 2026年3月31日。世界中の開発者が使う「axios」というソフトウェア部品が乗っ取られた。 🚨 CRITICAL: Active supply chain attack on axios -- one ...
'This is unironically a malware nuclear missile.' ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Morning Overview on MSN
Suspected North Korean hackers compromise widely used US software
Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software development, by hijacking a maintainer’s npm account and publishing tainted ...
Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...
一部の結果でアクセス不可の可能性があるため、非表示になっています。
アクセス不可の結果を表示する