Tag: supply-chain
-
North Korean hackers linked to Axios npm supply chain compromise
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/01/north-korean-hackers-linked-to-axios-npm-supply-chain-compromise/
-
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking group ShinyHunters has claimed responsibility for the attack, alleging they stole sensitive source code and data affecting Cisco, Salesforce, Aura, and various AWS storage buckets. The breach stems from a recent supply chain attack involving…
-
Google Says North Korea Was Behind the Axios npm Supply Chain Attack
A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat actor, turning what already looked like a serious open-source incident into a much bigger security story. Google Threat Intelligence Group said the attack targeted the official Axios package on npm and attributed the activity to……
-
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code
SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based security detected and blocked a supply chain attack involving a compromised LiteLLM package. SentinelOne’s macOS agent detected and stopped a malicious process chain triggered by Claude Code after it unknowingly installed a compromised LiteLLM package. The…
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
UK manufacturers under cyber fire with 80% reporting attacks
ESET says factory outages, lost revenue, and supply chain disruption are becoming routine First seen on theregister.com Jump to article: www.theregister.com/2026/04/01/uk_manufacturer_cyberattacks/
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
-
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069.”We have attributed the attack to a suspected North Korean threat actor we track as UNC1069,” John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told The Hacker News…
-
Nach Trivy-Hack: Hacker sollen Quellcode von Cisco erbeutet haben
Der Supply-Chain-Angriff auf Trivy hat Folgen. Die Angreifer sollen an Daten aus Github-Repos und AWS-Konten von Cisco gelangt sein. First seen on golem.de Jump to article: www.golem.de/news/nach-trivy-hack-hacker-sollen-quellcode-von-cisco-erbeutet-haben-2604-207140.html
-
Axios Front-End Library npm Supply Chain Poisoning Alert
Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of the project, changed the account email address of the axios maintainer to an anonymous ProtonMail address, and manually released a malicious version…The…
-
NPM Supply Chain Attack Uses undicy-http to Deploy RAT
A highly sophisticated npm supply chain attack that abuses a fake HTTP client package to deliver both a powerful RAT and a stealthy browser stealer. The malicious package, undicy-http@2.0.0, was uploaded to npm to impersonate undici, the official HTTP client widely used in Node.js projects. Despite the similar name, it contains no HTTP client logic;…
-
Technical Advisory: Axios npm Supply Chain Attack Cross-Platform RAT Deployed via Compromised Maintainer Account
<div cla [CRITICAL] – Active RAT – Malicious npm versions removed – Assess all systems that ran npm install during exposure window First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/technical-advisory-axios-npm-supply-chain-attack-cross-platform-rat-deployed-via-compromised-maintainer-account/
-
Axios npm Attack Deploys Cross-Platform RAT
A compromised Axios package briefly deployed a cross-platform RAT, highlighting supply chain risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/axios-npm-attack-deploys-cross-platform-rat/
-
Axios Compromise on npm Introduces Hidden Malicious Package
<div cla A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used JavaScript libraries in the world. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/axios-compromise-on-npm-introduces-hidden-malicious-package/
-
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Tags: ai, attack, breach, cloud, control, credentials, crypto, github, incident response, linux, LLM, macOS, malicious, malware, monitoring, open-source, openai, powershell, pypi, rat, spam, supply-chain, tool, windowspostinstall hook that would execute a dropper script when it was pulled in by a different package as a dependency.Shortly after midnight UTC on March 31 a new version of the Axios package, axios@1.14.1, was published on npm followed by axios@0.30.4 39 minutes later. Both listed plain-crypto-js@4.2.1 as a dependency in their package.json files, but…
-
Google links axios supply chain attack to North Korean group
Google Threat Intelligence Group (GTIG) joined several other researchers in attributing the attack to a North Korean threat actor they call UNC1069. SentinelOne found the same group using macOS-based malware in attacks dating back to 2023. First seen on therecord.media Jump to article: therecord.media/google-links-axios-supply-chain-attack-north-korea
-
Supply chain attack on Axios npm package: Scope, impact, and remediations
Tags: access, api, attack, breach, cloud, control, credentials, crypto, data, data-breach, defense, exploit, incident response, macOS, malicious, malware, open-source, rat, risk, security-incident, software, supply-chain, theft, threat, vulnerability, windowsThe Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API keys. Scan your environment now. Key takeaways This incident is a…
-
Attackers hijack Axios npm account to spread RAT malware
Threat actors hijacked the npm account of Axios to distribute RAT malware via malicious package updates. Threat actors compromised the npm account of Axios, a widely used library with over 100M weekly downloads, and published malicious versions to spread remote access trojans across Linux, Windows, and macOS. The supply chain attack was identified by multiple…
-
Cisco source code stolen in Trivy-linked dev environment breach
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach/
-
Axios supply chain attack chops away at npm trust
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/axios-supply-chain-attack-chops-away-at-npm-trust/
-
Attack on axios software developer tool threatens widespread compromises
Researchers at numerous firms are sounding warnings about the supply-chain attack on an open-source project with 100 million weekly downloads. First seen on cyberscoop.com Jump to article: cyberscoop.com/axios-software-developer-tool-attack-compromise/
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerabilityThis post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
Hackers Poison Axios npm Package with 100 Million Weekly Downloads
Axios npm Package compromised in a supply chain attack, exposing developers to malware, data theft, and full system takeover risks worldwide. First seen on hackread.com Jump to article: hackread.com/hackers-poison-axios-npm-package-100m-downloads/
-
Axios NPM Packages Breached in Ongoing Supply Chain Attack
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific Axios releases, exposing millions of developers to a multi-stage remote access trojan capable of executing arbitrary commands and stealing system data. The malicious Axios versions, 1.14.1 and 0.30.4, were published directly…
-
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/
-
Axios npm packages backdoored in supply chain attack
An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/axios-npm-backdoored-supply-chain-attack/
-
Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines
Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios First seen on theregister.com Jump to article: www.theregister.com/2026/03/31/axios_npm_backdoor_rat/