Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account
Complete Cloud Security in Minutes – Orca Security
2026-04-01 02:27:04
收藏
On March 31, 2026, attackers compromised the primary maintainer account of the axios npm package and published two malicious versions that silently installed a cross-platform Remote Access Trojan (RAT) on macOS, Windows, and Linux systems. Axios is one of the most widely used JavaScript libraries, with roughly 100 million weekly downloads and over 174,000 dependent […]
The post Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account appeared first on Orca Security.
目录
最新
- GenAI Risks in Cloud Environments: What Security Teams Are Actually Missing in 2026
- What Is Multi-Cloud Security?
- What Is Cloud Detection and Response (CDR)?
- Linux kernel vulnerability enables local theft of SSH host keys and /etc/shadow
- 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated DoS and Potential RCE
- Announcing Cloud Security Agent Skills for Orca’s MCP Server
- TanStack and 160+ npm/PyPI Packages Compromised in Supply Chain Worm Attack
- Dirty Frag: Linux Kernel Vulnerability Chain Enables Local Privilege Escalation to Root