HUGE npm axios supply chain attack

https://www.huntress.com/blog/supply-chain-compromise-axios-npm-package
https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
https://socket.dev/blog/axios-npm-package-compromised
https://socket.dev/npm/package/plain-crypto-js/files/4.2.1/setup.js
https://www.aikido.dev/blog/axios-npm-compromised-maintainer-hijacked-rat
https://gist.github.com/joe-desimone/36061dabd2bc2513705e0d083a9673e7
https://github.com/axios/axios/blob/v1.x/.github/workflows/deprecate.yml

Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I’m up to with: https://jh.live/newsletter

ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefenseJohn HammondRead More