IT之家 3 月 31 日消息，安全研究机构 StepSecurity 昨天发文称，主流 JavaScript 库 Axios 的两个 npm 版本 axios@1.14.1、axios@0.30.4 被恶意植入远程控制代码。 IT之家在此援引 StepSecurity，黑客劫持了 Axios 核心维护者“jasonsaayman”的 npm 账号，将邮箱替换为匿名的 ProtonMail ...

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were compromised.

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are ...

OpenAI reported a security issue related to third-party library Axios. The company said it found no evidence of compromised user data or altered systems. The ChatGPT maker is now are updating security ...