Axios npm Poisoning: Hackers Hijack Your Dev Secrets via 100M Downloads
One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.
One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.
Your next npm install could drop a North Korean RAT on your machine. That's the brutal reality for devs worldwide after the Axios supply chain attack—and it's already hit finance, tech, and healthcare.