"The RAT is capable of a range of threats, from running arbitrary commands to exfiltrating system data to establishing persistence on infected machines, according to Socket researchers."
"The broad adoption of axios, which offers a simple and feature-rich way to manage HTTP requests in browser-based and Node.js environments, in the industry is a significant factor in the attack."
"The blast radius of yesterday's Axios npm supply chain attack is broad and extends to other popular packages that have dependencies on it, Charles Carmakal, CTO of Google."
North Korean hackers compromised the npm account of the primary maintainer of axios, a widely used JavaScript library. They published two malicious versions that included a hidden runtime dependency, which installed a remote access trojan (RAT) when developers ran npm install. This RAT could execute commands, exfiltrate data, and maintain persistence on infected systems. The axios library's extensive use in various applications contributed to the attack's broad impact, affecting many organizations that rely on it, even indirectly.
Read at DevOps.com
Unable to calculate read time
Collection
[
|
...
]