Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

Atlanta Public Schools, Fulton officials hesitant to extend TADs

Representatives from Fulton County and Atlanta Public Schools are hesitant to set aside revenue for Mayor Andre Dickens' plan ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axi…

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Tottenham confirm appointment of De Zerbi as new manager

BREAKING: Roberto De Zerbi appointed Tottenham manager on a five-year contract. De Zerbi: "I am delighted to be joining this ...
AARP

Actor Lisa Kudrow, 62, on the Best Part of Getting Older

Kudrow is closing out The Comeback, the HBO series she cocreated, cowrote and starred in across three seasons and lasted more ...

Artemis II crew 'safe, secure and in great spirits', Nasa says after spectacular Moon mission launch

The crew on the 10-day mission won't land on the Moon, but plan to circle it, while travelling further from Earth than anyone ...

AI finds critical ImageMagick vulnerabilities in default configurations

An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
The Week

'Always-on agent' and AI pet 'Buddy': Anthropic’s Claude source code leak reveals hidden features

Anthropic's accidental leak has exposed Claude AI's internal code, revealing several unreleased features like Buddy, KAIROS ...
Computing

Hackers compromise Axios, one of the most widely used software libraries

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...