Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
InfoWorld

What front-end engineers need to know about AWS

Your "buggy" UI might actually be AWS doing its job; learning how the cloud handles your code makes debugging faster and your ...
PC World

USB data recovery: How to recover deleted files from USB

USB flash drives are portable data storage options that allow users to store and move files between computers and other devices. Unintentional deletions, virus assaults, formatting errors, or system ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Infosecurity Magazine

New 'Storm' Infostealer Remotely Decrypts Stolen Credentials

Security researchers at Varonis have uncovered a new information stealer malware (infostealer) strain that harvests browser ...