Axios NPM Package Breached in North Korean Supply Chain Attack

01/04/2026-11:45 01/04/2026-12:25 מחשבים וטכנולוגיה Security Aid דיווח

A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post securityweek.com
appea

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

🔗 www.securityweek.com