A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat actor, turning what already looked like a serious open-source incident into a much bigger security story. Google Threat Intelligence Group said the attack targeted the official Axios package on npm and attributed the activity to…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/04/google-says-north-korea-was-behind-the-axios-npm-supply-chain-attack/
