Homeland Security Today

Supply Chain Compromise Impacts Axios Node Package Manager , CISA Alert Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm). 1 ...
CodeZine(コードジン)

なぜ検知できなかったのか? Axiosを襲った「遅延型」サプライ ...

Developers Summit 2026・Dev x PM Day 講演資料まとめ Developers Boost 2025 講演資料まとめ Developers X Summit 2025 講演資料まとめ Developers Summit 2025 FUKUOKA 講演関連資料まとめ Developers Summit 2025 KANSAI 講演関連資料まとめ ...
ITmedia

「Axios」にとどまらないオープンソース攻撃 信頼を悪用するだまし ...

オープンソースのJavaScript HTTPクライアント「Axios」に不正なコードが仕込まれたサプライチェーン攻撃。発端となったソーシャルエンジニアリングの手口が明らかになったことで、標的はAxiosにとどまらず、オープンソースエコシステムを狙った攻撃が他にも ...
CSOonline

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem. Attackers ...
IT News For Australia Business

Supply chain attack hits 100 million-download Axios npm package

A widely used JavaScript package used with over a hundred million weekly downloads has been compromised in a new supply chain attack to fetch a malware payload for Windows, Linux systems and macOS ...