The popular JavaScript HTTP client library Axios was compromised in a supply chain attack, impacting approximately 80% of cloud and code environments. The attacker exploited the npm access token of Axios's lead maintainer to publish two malicious versions, axios@1.14.1 and axios@0.3.4, which contained a cross-platform remote access trojan (RAT) targeting macOS, Windows, and Linux systems. These malicious packages were removed from the npm registry within three hours. Security firm Wiz reports that Axios is downloaded over 100 million times weekly, highlighting the widespread impact of the breach. Huntress, another security firm, detected the first infections just 89 seconds after the malicious packages were published, confirming at least 135 compromised systems. Despite Axios's implementation of modern security measures like OIDC trusted publishing and SLSA provenance, the attacker bypassed these protections by exploiting a traditional, long-lived NPM_TOKEN, which npm defaults to when both OIDC and the token are present.
Axios Library Compromised in Supply Chain Attack, Affecting 80% of Cloud Environments
This content is for informational purposes only and does not constitute investment advice.
SuperEx Popular Science Articles Column
This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
Unstaked related news and market dynamics research
Unstaked (UNSD) is a blockchain platform integrating AI agents for automated community engagement and social media interactions. Its native token supports governance, staking, and ecosystem features. This special feature explores Unstaked’s market updates, token dynamics, and platform development.
XRP News and Research
This series focuses on XRP, covering the latest news, market dynamics, and in-depth research. Featured analysis includes price trends, regulatory developments, and ecosystem growth, providing a clear overview of XRP's position and potential in the cryptocurrency market.
How do beginners trade options?How does option trading work?
This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.
What are the risks of investing in cryptocurrency?
This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.