Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Ryan Gosling’s Blockbuster New Movie Is a Big Win for a Very Particular Kind of Man

Project Hail Mary is now Amazon MGM’s highest-grossing movie ever and the highest-grossing movie of 2026 so far. And the new ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
PCMag

Hacker Tries to Spread Malware to Millions by Hitting 'Axios NPM' Software

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...