Add Yahoo as a preferred source to see more of our stories on Google. Axios has learnt that the United States and Iran have agreed on the parameters of a two-week ceasefire through intermediaries ...

This week’s hack of Axios, a widely used software package, has been traced to an elaborate AI deepfake from suspected North Korean hackers that was convincing enough to trick a developer into ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...

Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts ...

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

Update March 31, 2026, 1:28 pm UTC: This article has been updated to add comments from Abdelfattah Ibrahim, senior offensive security engineer at Hacken. Two malicious Axios npm releases have prompted ...

Security companies flagged axios@1.14.1 and 0.30.4 as compromised, urging credential rotation and rollback of affected packages. Two malicious Axios npm releases have prompted warnings for developers ...

The Axios JavaScript NPM package was recently compromised, representing one of the highest impact supply chain attacks against the open source development ecosystem in recent months. Axios is the most ...

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and national security consequences — even for Apple. The recent supply-chain ...