Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems.
Versions 1.14.1 and 0.30.4 of Axios have been found to inject “plain-crypto-js” version 4.2.1 as a fake dependency.
According to StepSecurity, the two

Source

What's Hot

US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploit

US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploit

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Our Picks

Common Apple Pay scams, and how to stay safe

Here’s what you should know

Mobile app permissions (still) matter more than you may think

Subscribe to Updates

What's Hot

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Related Posts

Subscribe to Updates