Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
Nextgov

Anthropic’s Glasswing initiative raises questions for US cyber operations

Intelligence officials and industry are weighing how Claude Mythos Preview could reshape hacking and cyberdefense. The ...
Silicon CanalsOpinion

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack

The most widely used JavaScript HTTP library on the internet — embedded in millions of production applications, relied on by ...

Iran warns it will respond if Israeli attacks on Lebanon don't stop immediately

Earlier Israel said it carried out its "biggest strike" since the start of its ground operation in Lebanon, after saying the ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...
Silicon Canals

A three-hour window: North Korean hackers compromised the Axios library and exposed thousands of systems

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.

Alleged North Korean Hack Of US Companies Could Take 'Months' To Recover From

Discover the details of the North Korean hack on Axios software. We explain how the UNC1069 group is stealing US ...