Dark Reading

Axios NPM Package Compromised in Precision Attack

The Axios JavaScript NPM package was recently compromised, representing one of the highest impact supply chain attacks against the open source development ecosystem in recent months. Axios is the most ...
CoinTelegraph

Supply chain attack hits Axios npm releases, users urged to rotate keys

Security companies flagged axios@1.14.1 and 0.30.4 as compromised, urging credential rotation and rollback of affected packages. Update March 31, 2026, 1:28 pm UTC: This article has been updated to ...
Yahoo

Axios reveals details of how US and Iran agreed on ceasefire

Add Yahoo as a preferred source to see more of our stories on Google. Axios has learnt that the United States and Iran have agreed on the parameters of a two-week ceasefire through intermediaries ...
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
Wall Street Journal

The Axios Hack: What to Know

A breach Tuesday of the widely used Axios software library is the latest in a string of incidents exposing risks in the systems that underpin how modern software is built. Developers use Axios to ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
Computerworld

Why the axios supply chain attack should have Apple worried

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and national security consequences — even for Apple. The recent supply-chain ...
HHS

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...
IT News For Australia Business

Supply chain attack hits 100 million-download Axios npm package

A widely used JavaScript package used with over a hundred million weekly downloads has been compromised in a new supply chain attack to fetch a malware payload for Windows, Linux systems and macOS ...
Reuters

OpenAI projects $2.5 billion in ad revenue this year, $100 billion by 2030, Axios reports

April 9 (Reuters) - ChatGPT maker OpenAI expects to generate $2.5 billion in advertising revenue this year, with projections to reach $100 billion by 2030, Axios reported on Thursday, citing a source ...
The Star

North Korean hackers suspected in Axios software tool breach

The attack, designed to cover the hacker’s tracks, was one of the 'most operationally sophisticated supply chain attacks' ever documented against a large NPM, according to the StepSecurity analysis. — ...