On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, ...

North Korea-linked hackers have launched a significant cyberattack on Axios, a popular JavaScript library, raising concerns ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

SEOUL — Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, Google analysts and other cybersecurity experts said on Wednesday. The ...

North Korean hackers compromised the widely used Axios JavaScript library to infiltrate US companies and steal cryptocurrency ...

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.

Spread the loveIn a significant revelation in the landscape of cybersecurity, Google has attributed a recent supply chain attack targeting the popular Axios npm package to a North Korean threat group ...