Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
TechRadar

Popular JavaScript library can be hacked to allow attackers into user accounts

Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate validation CERT-CC warns of risks including authentication bypass and signed data tampering ...
GIGAZINE

A developer who maintains the open source library `` core-js '' that is also used by large companies such as Apple and Netflix by himself asks for help saying `` it is already ...

'core-js' is used as the most standard Polyfill on a wide range of websites, and the number of downloads of 'core-js' through npm, a package management tool, has reached approximately 250 million ...
ZDNet

Popular JavaScript library starts showing ads in its terminal

Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...