BetaIT-Hub is in early access โ€” your feedback helps us improve. Use the chat or email [email protected]

Newsโ€บ๐Ÿ”ด Breach
๐Ÿ”ด BreachThe Hacker Newsยท64d ago

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials of the primary Axios

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by The Hacker News

Source: https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin