Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Dark Reading

Axios NPM Package Compromised in Precision Attack

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Infosecurity Magazine

Hackers Hijack Axios npm Package to Spread RATs

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
PCMag on MSN

Hacker tries to spread malware to millions by hitting 'Axios NPM' software

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...
NewsBytes

Axios hacked March 30, malware pushed through npm packages

A hacker has manipulated a widely-used JavaScript library, Axios, to distribute malware, potentially compromising millions of ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...