Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
The Tech Edvocate

North Korean Hackers Target Axios NPM Package: A Wake-Up Call for JavaScript Developers

Spread the loveIn a significant security incident that has sent shockwaves through the developer community, a North Korean state-sponsored hacking group has successfully compromised the popular Axios ...
Morning Overview on MSN

Suspected North Korean hackers compromise widely used US software

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...