Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Morning Overview on MSN

Suspected North Korean hackers compromise widely used US software

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software development, by hijacking a maintainer’s npm account and publishing tainted ...
Cyber Daily

Code red: North Korean hackers behind compromised Axios npm package

Experts have pinned the attack on “one of npm’s most depended-on packages” on hackers backed by the Democratic People’s ...