Experts pin attack on “one of npm's most depended-on packages” on hackers backed by the Democratic People’s Republic of Korea ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

North Korean hackers compromised the widely used Axios JavaScript library to infiltrate US companies and steal cryptocurrency ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

The maintainer of the popular npm package Axios has revealed how attackers were able to take over his account and ...

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

Spread the loveIn a significant revelation in the landscape of cybersecurity, Google has attributed a recent supply chain attack targeting the popular Axios npm package to a North Korean threat group ...