FlareStart
Back to articles
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
NewsSecurity

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

via The Hacker Newsinfo@thehackernews.com (The Hacker News)

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials of the primary Axios

Continue reading on The Hacker News

Opens in a new tab

Read Full Article
6 views

Related Articles

Use Calculation Groups to Eliminate Redundant Measures in Power BI
News

Use Calculation Groups to Eliminate Redundant Measures in Power BI

Medium Programming1h ago

8 Wireshark Patterns That Instantly Signal Something Is Wrong
News

8 Wireshark Patterns That Instantly Signal Something Is Wrong

Medium Programming2h ago

Let the commits tell the story
News

Let the commits tell the story

Lobsters2h ago

Good CTE, bad CTE
News

Good CTE, bad CTE

Lobsters2h ago

Weekly Digest #264
News

Weekly Digest #264

Medium Programming2h ago

Discover More Articles