#SupplyChainAttack

Alert: The popular JavaScript library Axios was compromised via a sophisticated social engineering attack, highlighting the need for enhanced security in open-source projects. #CyberSecurity #OpenSource #SupplyChainAttack Link: thedailytechfeed.com/axios-npm-pa...


North Korean group UNC1069 exploits Axios maintainer in sophisticated npm supply chain attack. Open-source maintainers, bolster your security! #CyberSecurity #SupplyChainAttack #OpenSource Link: thedailytechfeed.com/north-korean...


Alert: Microsoft details mitigation steps for the recent Axios npm supply chain attack. Developers urged to rollback to safe versions and audit systems. #CyberSecurity #SupplyChainAttack #Axios Link: thedailytechfeed.com/microsoft-re...

Inside TeamPCP’s Shell Arsenal NOTE: This focuses exclusively on the Shells used by TeamPCP in various campaigns that resulted in the massive Supply Chain Attacks.  INTRODUCTION In March 2026, multiple GitHub projects were attac…

Hereby sharing the latest Research on TeamPCP's Shells used in Supply Chain Attacks!

theravenfile.com/2026/04/02/i...

#CyberSecurity #CyberSec #infosec #Security #OSINT #Hack #Malware #TeamPCP #Shell #Script #Analysis #SupplyChainAttack

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Maintainer Jason Saayman said the attackers tailored their social engineering efforts "specifically to me" by first approaching him under the guise of the founder of a

iT4iNT SERVER UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack VDS VPS Cloud #CyberSecurity #SupplyChainAttack #SocialEngineering #npm #Axios

March 2026 Supply Chain Attacks: TeamPCP & Axios Analyzed A technical breakdown of the March 2026 supply chain attacks, examining how threat actors like TeamPCP and UNC1069 compromised Trivy, LiteLLM, and Axios—and how to stop them.

The March 2026 supply chain attacks are rewriting the rules of developer security. 🚨

Read the full deep-dive: www.security.land/2026-supply-...

#SecurityLand #BreachBreakdown #SupplyChainAttack #NPM #Cybersecurity #Axios #Trivy #TeamPCP #UNC1069


Don’t trust, verify

https://daniel.haxx.se/b

#supplyChainAttack


The Axios npm attack exposed a massive supply chain blind spot: `postinstall` scripts. North Korea-linked hackers deployed a RAT via a trusted package. Are your dev machines safe?

thepixelspulse.com/posts/axios-supply-chain...

#axios #npm #supplychainattack


North Korean group UNC1069 compromised the Axios npm package, deploying cross-platform malware via a sophisticated supply chain attack. Stay vigilant! #CyberSecurity #SupplyChainAttack #UNC1069 Link: thedailytechfeed.com/north-korean...

Security Week Home SecurityWeek provides cybersecurity news and information to global enterprises, with expert insights & analysis for IT security professionals

🚨 Mercor confirmed it was hit by a data breach linked to the LiteLLM supply-chain incident. The hacking group Lapsus$ claims to have stolen 4TB: source code, Slack logs, videos. Malicious code was injected into LiteLLM versions 1.82.7 and 1.82.8. #CyberSecurity #Infosec #LiteLLM #Mercor #SupplyChainAttack


One npm package. Millions affected. Supply chain attacks are now the biggest dev risk.

#TrendThursday #CyberSecurity #SupplyChainAttack #npm #DevSecOps


Alert: North Korean hackers have compromised the popular Axios JavaScript library, distributing malware to millions. Developers, ensure your systems are secure! #CyberSecurity #OpenSource #SupplyChainAttack Link: thedailytechfeed.com/north-korean...


Alert: The popular Axios JavaScript library has been compromised, spreading cross-platform malware. Developers and users, ensure your dependencies are secure! #CyberSecurity #SupplyChainAttack #Axios Link: thedailytechfeed.com/supply-chain...

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 ... accomplish stealthy execution without ...

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 reconbee.com/google-attri...

#google #Axiosnpm #supplychainattack #northkoreangroup #UNC1069 #cyberattack #Axios #cybersecurity

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069," John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told The Hacker News in a statement. "North Korean

iT4iNT SERVER Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 VDS VPS Cloud #Google #Axios #SupplyChainAttack #NorthKorea #CyberSecurity


⚠️ Massive attack on an open source project: North Korean hackers in the crosshairs

devops.com/north-korean-hackers-sus...

#Ciberseguridad #OpenSource #SupplyChainAttack #DevSecOps

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigatin...

#npm
#SupplyChainAttack

www.stepsecurity.io/blog/axios-c...


watch out folks
https://opensourcemalware.com/blog/axios-compromised

#axios #SupplyChainAttack


Alert: Hackers have backdoored the Telnyx Python SDK on PyPI, aiming to steal developer credentials. Ensure your packages are secure! #CyberSecurity #Python #SupplyChainAttack Link: thedailytechfeed.com/hackers-comp...

Hackers Poison Axios npm Package with 100 Million Weekly Downloads Axios npm Package compromised in a supply chain attack, exposing developers to a stealth RAT, data theft, and full system takeover risks worldwide.

Hackers poisoned the Axios npm Package, one of the most widely used libraries with 100M weekly downloads. A stealth RAT enabled data theft and full system access during a short but critical window.

Read: hackread.com/hackers-pois...

#Axios #npm #CyberSecurity #SupplyChainAttack #Malware


Yup another 'Infamous' supply chain attack, you can read our full report @ basefortify.eu/posts/2026/0...

#Axios #NPM #Cybersecurity #SupplyChainAttack

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two

Well, this is a real mess, especially for those who, totally incomprehensibly to me, use AI coding tools without a sandbox.

thehackernews.com/2026/03/axios-supply-cha...

#axios #SupplyChainAttack


Axios supply chain attack ⚠️

Compromised npm account → malicious package → cross-platform RAT.

If you used affected versions, assume compromise.
www.technadu.com/axios-supply...

#CyberSecurity #SupplyChainAttack #DevSecOps

Alt text: Blue gradient background with the word “AXIOS” in large white letters, representing the widely used JavaScript HTTP client library involved in a recent supply chain attack.

🚨 Attackers hijacked the Axios npm package to deliver a cross-platform Remote Access Trojan (RAT).

A single malicious dependency turned a trusted library into an attack vector.

Read the full breakdown:
basefortify.eu/posts/2026/0...

#CyberSecurity #SupplyChainAttack #npm #DevSecOps

Original post on mastodon.social

UK registered organisations can apply for a share of up to £5 million for collaborative projects that enable adoption of the Government's Software Security Code of Practice to drive growth of secure and resilient software supply chains.

Competition closes: Wednesday 29 April 2026 11:00am […]

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials of the primary Axios

iT4iNT SERVER Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account VDS VPS Cloud #SupplyChainAttack #CyberSecurity #Axios #Malware #npm

Is TikTok Too Risky for Businesses? Here’s the Cyber Security Verdict… From a security point of view, should you worry about your people using TikTok? Depends who you ask. And when.

That 'free' social media tool connected to your company account got breached. Now hackers have your keys via your vendor's terrible code. 30% of 2025 breaches were third-party. 🔓 #SupplyChainAttack #ThirdPartyRisk #FreeIsNeverFree
www.linkedin.com/pulse/tiktok...

Trivy Scanner Hit by Major Supply Chain Attack

Aqua Security's popular open-source vulnerability scanner, Trivy, has been compromised in an ongoing supply chain attack that began in late February 2026 and escalated dramatically by mid-March. Threat actors exploited misconfigurations in Trivy's GitHub Actions workflows, stealing privileged tokens to gain persistent access to repositories and release processes.

This breach turned a trusted DevSecOps tool—boasting over 32,000 GitHub stars—into a vector for credential theft across countless CI/CD pipelines worldwide. The attack unfolded in phases, starting with a token theft from a misconfigured GitHub Action on February 28, allowing initial foothold establishment. By March 19, attackers force-pushed malicious code to 76 of 77 tags in aquasecurity/trivy-action and all 7 in setup-trivy, repointing versions like v0.69.4 to infostealer payloads. The malware executed stealthily: it harvested GitHub tokens, cloud credentials, and SSH keys, encrypted them in tpcp.tar.gz archives, exfiltrated to scan.aquasecurtiy[.]org, then ran legitimate Trivy scans to avoid detection. Malicious Docker images under tags like latest, 0.69.5, and 0.69.6 further spread the threat via container registries.

Despite Aqua Security's credential rotations after the initial incident, incomplete measures let attackers reestablish access, leading to repository tampering detected on March 22. This persistence mirrors trends in SaaS supply chain attacks, from SolarWinds to recent exploits, where upstream compromises cascade downstream. The "Team PCP" actors have struck Trivy three times in under a month, highlighting eviction challenges in automated environments.

Trivy's vast adoption amplifies the blast radius, potentially exposing secrets in thousands of organizations' pipelines. Microsoft and others urge auditing workflows using compromised tags, as successful scans masked the theft. This incident underscores vulnerabilities in mutable tags and over-privileged runners, eroding trust in open-source security tools.

To mitigate, pin GitHub Actions to immutable commit SHAs instead of tags, rotate all exposed secrets, and adopt OIDC for short-lived credentials. Harden CI/CD privileges, monitor SaaS integrations continuously, and audit Trivy executions since March 1. Aqua Security continues remediation with partners like Sygnia, but organizations must proactively secure their supply chains against such "side door" threats.

Trivy Scanner Hit by Major Supply Chain Attack #GitHub #SupplyChainAttack #TrivyScanner

TeamPCP Uses Fake Ringtone File in Tainted Telnyx SDK to Steal Credentials TeamPCP hackers planted malicious code in tainted Telnyx Python SDK versions using a fake ringtone file to steal credentials, crypto wallets, and keys.

#TeamPCP strikes again. Hackers hid credential-stealing malware inside a fake ringtone file in tainted #Telnyx SDK versions, targeting developers via a supply chain attack.

Read: hackread.com/teampcp-fake...

#CyberSecurity #DataBreach #SupplyChainAttack #Malware


Alert: The Telnyx Python SDK on PyPI has been compromised in a major supply chain attack by TeamPCP. Developers, update immediately and rotate credentials! #CyberSecurity #SupplyChainAttack #PyPI Link: thedailytechfeed.com/telnyx-pypi-...
