Axios NPM Package Compromised in Precision Attack

Summary

The NPM package for Axios, a widely-used JavaScript HTTP client library, was compromised this week in what appears to be a targeted supply-chain attack. Initial indicators suggest possible involvement by North Korean threat actors. The compromise was brief, suggesting either rapid detection or a limited, surgical operation aimed at specific downstream users.

Indicators of Compromise

• malware — Axios NPM package compromise