Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...
Arabian Post

Axios breach jolts software supply chains

The malicious releases were available for about three hours before they were removed, but the brevity of the window has done little to calm alarm because Axios is one of the most heavily used HTTP ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...