{ads}

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Written By Tuesday, 31 March 2026 Add Comment



March 31, 2026 at 11:38AM

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials of the primary Axios

from The Hacker News https://ift.tt/3HPhjmV

0 Response to "Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads