The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.
Arabian Post

Axios breach exposes npm supply chain risks

A compromise of the widely used Axios software package has triggered fresh concern over open-source security after attackers used a hijacked maintainer account to publish poisoned versions carrying ...
GovInfoSecurity

HHS Shuffles Internal Cyber, AI Oversight Back to CIO Office

The U.S. Department of Health and Services is reversing Biden-era changes, returning the Office of the National Coordinator ...

Reducing energy costs without new capital investment: PG&E’s tool lending library for ...

The Tool Lending Library is a free program that gives PG&E customers access to a wide range of professional‑grade energy and ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.