GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Reducing energy costs without new capital investment: PG&E’s tool lending library for businesses

The Tool Lending Library is a free program that gives PG&E customers access to a wide range of professional‑grade energy and ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Silicon CanalsOpinion

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack

The most widely used JavaScript HTTP library on the internet — embedded in millions of production applications, relied on by ...

Alleged North Korean Hack Of US Companies Could Take 'Months' To Recover From

Discover the details of the North Korean hack on Axios software. We explain how the UNC1069 group is stealing US ...

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...
The Armenian Weekly

NAASR’s Mardigian Library receives Kalfayan collection

The National Association for Armenian Studies and Research (NAASR) announced the donation of an extraordinary book collection ...
Analytics Insight

Best Python Libraries to Speed Up Automation in 2026

Overview Modern Python automation now relies on fast tools like Polars and Ruff, which help cut down processing time and ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...