On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

More than a few voters could find themselves unsatisfied with the Liberals and open to a hard-left turn in future elections ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before ...

A chain of vulnerabilities is letting attackers steal sensitive info from iPhones.

The US Cybersecurity and Infrastructure Security Agency (CISA) has told all federal civilian agencies to patch a critical ...

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...