OTX Bot

Securing the Supply Chain: How SentinelOne's AI EDR Stops the ...

On March 31, 2026, a North Korean state actor hijacked the npm credentials of the primary Axios maintainer and published two backdoored releases that deployed a cross-platform remote access trojan (RAT) to Windows, macOS, and Linux systems. Axios is the most widely used HTTP client in the JavaScript ecosystem, with approximately 100 million weekly downloads and a presence in roughly 80% of cloud and code environments.

Pulse ID: 69cf03e05f6b299dc3efd2cd
Pulse Link: https://otx.alienvault.com/pulse/69cf03e05f6b299dc3efd2cd
Pulse Author: AlienVault
Created: 2026-04-03 00:03:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CyberSecurity #EDR #HTTP #InfoSec #Java #JavaScript #Korea #Linux #Mac #MacOS #NPM #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #SentinelOne #SupplyChain #Trojan #Windows #bot #iOS #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
Apr 3 at 5:05pmWeb