Nick StocksYesterday North Korea-linked UNC1069 hijacked an Axios npm maintainer account and shipped a cross-platform RAT. 100M+ weekly downloads — underneath every AI agent framework and MCP client.
If you resolved [email protected] or 0.30.4, rotate all credentials. Sixth major supply chain hit in two weeks.