Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
TechJuice

GlassWorm Escapes JavaScript Sandbox to Silently Spread Across Developer Tools

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...
Bitcoin Magazine

NPM Attack: Javascript Library Compromise Goes After Bitcoin Wallets

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...
Analytics Insight

Axios Supply Chain Attack Exposes Crypto Wallets to Hidden Malware Risk

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...