Axios compromised on NPM – Malicious versions drop remote access trojan
Two malicious versions of the axios HTTP client library, axios@1.14.1 and axios@0.30.4, were published to npm using compromised credentials of a lead maintainer. The attacker altered the maintainer's email to a ProtonMail address and manually published the malicious packages, which included a remote access Trojan.
stepsecurity.io
17 min
7h ago
Axios compromised on NPM – Malicious versions drop remote access trojan
Two malicious versions of the axios HTTP client library, axios@1.14.1 and axios@0.30.4, were published to npm using compromised credentials of a lead maintainer. The attacker altered the maintainer's email to a ProtonMail address and manually published the malicious packages, which included a remote access Trojan.
stepsecurity.io
17 min
7h ago
Axios compromised on NPM – Malicious versions drop remote access trojan
Two malicious versions of the axios HTTP client library, axios@1.14.1 and axios@0.30.4, were published to npm using compromised credentials of a lead maintainer. The attacker altered the maintainer's email to a ProtonMail address and manually published the malicious packages, which included a remote access Trojan.
stepsecurity.io
17 min
7h ago
No more articles to load