ダウンロード数1億超、人気ライブラリ「Axios」を襲ったサプライ ...

オープンソースのJavaScript ...
Morning Overview on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

Azure SDK for JavaScript、Node.js 20.xのサポートを7月9日に終了

Microsoftは4月6日(現地時間)、Azure SDK for JavaScriptにおけるNode.js 20.xのサポートを7月9日(現地時間)に終了すると発表した。 Node.js ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...