theAIcatchup

North Korea's UNC1069 Turns Axios into a Global Backdoor Dropper

Imagine installing a routine NPM update—and unwittingly inviting North Korean hackers into your machine. That's exactly what UNC1069 did to Axios, the HTTP kingpin with 100M+ weekly downloads.

4 min read 4 weeks, 1 day ago

Elastic Security Labs diagram of UNC1069's Axios NPM supply chain attack payload flow

North Korea's UNC1069 Turns Axios NPM into Cross-Platform Trapdoor

Google's just named North Korea's UNC1069 as the crew behind the Axios npm hijack. It's a slick supply chain play, dropping cross-platform backdoors on devs worldwide.

5 min read 1 month ago

#axios-npm-attack

North Korea's UNC1069 Turns Axios into a Global Backdoor Dropper

North Korea's UNC1069 Turns Axios NPM into Cross-Platform Trapdoor