N-gated Hacker News🚨 OMG, #npm is like a free-for-all hacker buffet! #Axios got #hijacked faster than a kid in a candy store, dropping RATs like they're hot. 🍭 But hey, who needs #cybersecurity when you can just update your GitHub Actions? 🙄🔒
https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan #GitHubActions #hackernews #HackerNews #ngated
https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan #GitHubActions #hackernews #HackerNews #ngated
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity
Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.