BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News🔴 Breach
🔴 BreachFortinet PSIRT·51d ago

Axios npm Package Compromised

On March 31, 2026, the Axios npm package was compromised via a maintainer account takeover. Two malicious versions were published - [email protected] and [email protected] - which introduced a hidden dependency ([email protected]) able to execute a post‑install script deploying a cross‑platform Remote Access Trojan (RAT) on Windows, macOS, and Linux systems. Revised on 2026-04-14 00:00:00

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by Fortinet PSIRT

Source: https://fortiguard.fortinet.com/psirt/FG-IR-26-126

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin