OpenClaw又又又危!Axios npm被投毒,植入全平台木马

今日,Axios这个年下载量超36亿、JavaScript 生态最核心的依赖之一,在 npm ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Axios npm版本遭恶意植入远程控制代码 开发者需警惕并自查

安全研究机构StepSecurity近日披露,知名Java库Axios的两个npm版本——axios@1.14.1和axios@0.30.4,遭黑客植入恶意代码。此次攻击通过劫持核心维护者“jasonsaayman”的npm账号实施,黑客将账号邮箱替换为匿名ProtonMail地址后,绕过GitHub ...