Reading List

A supply chain attack compromises HTTP client Axios, which has 100M weekly npm downloads, introducing a malicious dependency and deploying a multi-stage payload (Socket) from Techmeme RSS feed.

A supply chain attack compromises HTTP client Axios, which has 100M weekly npm downloads, introducing a malicious dependency and deploying a multi-stage payload (Socket)

Techmeme

Socket:
A supply chain attack compromises HTTP client Axios, which has 100M weekly npm downloads, introducing a malicious dependency and deploying a multi-stage payload  —  Socket Research Team … Our analysis shows the malicious package deploys a multi-stage payload, including a remote access trojan …