Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Morning Overview on MSN

Suspected North Korean hackers compromise widely used US software

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software ...
Detroit Free Press

Lifebit launches ‘RShiny Apps Deploy’ in its Trusted Research Environment

New RShiny Apps Deploy enables secure, scalable, no-code access to interactive analytics, empowering teams to build, share, and run apps within a governed TRE. LONDON ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
Ecommerce Fastlane

What Is CDN and Why It Matters for Your Store (2026)

What if you could make your site feel faster for shoppers around the world without moving your entire infrastructure? If ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...