HealthcareInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Peacock: 14 of the Best Movies to Stream Right Now

Monty Python and the Holy Grail is the first full-length feature starring the legendary comedy group. The movie takes place ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...