criticalMalware & Threats
Axios NPM Package Compromised via Stolen Token, RAT Deployed to 100M Weekly Downloads
The axios NPM package, downloaded 100 million times weekly, was compromised through a stolen authentication token. Malicious versions deployed a cross-platform remote access trojan to developer machines during routine npm install operations.
Sam Bent
supply-chainnpmremote-access-trojan