Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

Iran launches fresh strikes on Israel and Gulf nations overnight, with fires reported at Kuwait's Mina al-Ahmadi oil refinery ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

'This is unironically a malware nuclear missile.' ...

�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest [email protected] now pulls ...

Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous but widely used software package, ...

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

The MarketWatch News Department was not involved in the creation of this content. -- ThreatDown's EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...