supply-chain-security

Axios npm Supply Chain Attack: North Korean Hackers Compromise 100M Weekly Downloads

North Korean threat group UNC1069 compromised the axios npm package — one of the most dependedupon JavaScript libraries with over 100 million weekly downloads — by hijacking the lead maintainer's npm…