The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of ...

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...
Arabian Post

Axios breach jolts software supply chains

The malicious releases were available for about three hours before they were removed, but the brevity of the window has done little to calm alarm because Axios is one of the most heavily used HTTP ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...