Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT | Snyk

Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injecting a hidden dependency that deploys a cross-platform remote access trojan. Here's what happened, who's affected, and how to check your exposure.