The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
On March 30-31, 2026, threat actors published two malicious versions of the popular HTTP library axios (versions 1.14.1 and 0.30.4) to the npm registry. Both versions included a new dependency named ...
The Axios JavaScript NPM package was recently compromised, representing one of the highest impact supply chain attacks against the open source development ecosystem in recent months. Axios is the most ...
A supply-chain attack on the widely used Axios JavaScript library has raised fresh concern over the fragility of open-source software distribution after attackers slipped malicious code into two ...
A vulnerability report was posted on StepSecurity regarding the Axios JavaScript library, which was compromised when the maintainer account was hijacked. You can read the full report here. From the ...
We're passionate about making open source sustainable. Scan your dependancy tree to better understand which open source projects need funding the... Hopper provides a secure open-source registry where ...