Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A hacker has manipulated a widely-used JavaScript library, Axios, to distribute malware, potentially compromising millions of ...