The Axios npm hack started with a fake Microsoft Teams scenario, not a code flaw. Attackers targeted a maintainer directly and used social engineering to gain access. That single compromise allowed them to push malicious updates to a widely used package. The incident shows how supply chain attacks now begin with people, not vulnerabilities. Attackers…
The Axios npm compromise exposed developers to a supply chain attack that spread malware through poisoned package updates. Attackers hijacked a maintainer account and pushed malicious versions of the widely used library. This incident shows how quickly a trusted dependency can become a threat across thousands of projects.

Attackers hijack trusted package

Attackers gained access…