Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

硬撑15年、仅1台服务器、8GB内存:他用一堆“淘汰” 技术,让50+万人 ...

当下主流互联网架构的“标准答案”,大概是这样的:Kubernetes + 微服务 + 自动扩缩容 + 云原生 + 前后端分离 + React/Vue + 分布式数据库…… 但有一个项目,却用最“反潮流”的架构硬生生活了 15 年——它叫 ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...