
"The malicious versions of the Axios npm package were published before being discovered and removed, with Google warning of potential far-reaching impacts due to the package's extensive use."
"Wiz estimates that Axios is downloaded roughly 100 million times per week and is present in about 80% of cloud and code environments, highlighting the scale of the risk."
"Google researchers indicated that the incident is separate from another major npm supply chain attack disclosed last week, emphasizing the ongoing vulnerabilities in software supply chains."
"Supply chain compromises often have a long tail, as infected code can persist in downstream projects long after malicious packages are removed, complicating remediation efforts."
A maintainer account for the Axios npm package was compromised, resulting in the publication of malicious versions targeting macOS, Windows, and Linux systems. Google researchers linked this activity to a North Korean group known as UNC1069, which has a history of targeting cryptocurrency and decentralized finance companies. Although the malicious versions were removed within three hours, the widespread use of Axios, downloaded approximately 100 million times weekly, raises concerns about potential far-reaching impacts. The method of access to the maintainer's GitHub account remains unclear.
Read at Axios