Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

'This is unironically a malware nuclear missile.' ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...