Hashtag
#StepSecurity
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.

📢 PUBLIC SERVICE ANNOUNCEMENT 📢

There’s a nasty RAT (Remote Access Trojan) exploit in #Axios.

- #Fireship overview: www.youtube.com/watch?v=o7N...
- Check if you’re compromised (via #StepSecurity): tinyurl.com/38mx9dve

#JavaScript #WebDev #npm

Original post on techzine.eu

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked maintainer a...

#Security #axios #Javascript #malware #npm #RAT #Remote […]

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

#CyberNews #GitHub #StepSecurity
#WhiteHat #BlackHat #RedTeam #BlueTeam
Publish secrets via TJ action change-files directly to build logs.
Mitigated, but #CyberSecurity is knowing first what can or may be possible, and has been done.

www.stepsecurity.io/blog/harden-...
