Top NPM Maintainers Targeted with AI Deepfakes in Massive ...
1 天前 · Top NPM Maintainers Targeted with AI Deepfakes in Massive Supply-Chain Attack, Axios Briefly Compromised (pcmag.com) 19 Posted by EditorDavid on Saturday April 04, 2026 @11:34PM …
UNC1069 Social Engineering of Axios Maintainer Led to npm ...
2 天之前 · The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat …
The Deepfake Offensive: How AI-Generated Imposters Nearly ...
13 小时之前 · A coordinated deepfake campaign targeted the maintainers of npm's 50 most critical packages, briefly compromising the Axios HTTP library. The attack used AI-generated video …
Top NPM Maintainers Targeted with AI Deepfakes in Massive ...
23 小时之前 · "Hackers briefly turned a widely trusted developer tool into a vehicle for credential-stealing malware that could give attackers ongoing access to infected systems," the news site Axios.com …
Axios npm Supply Chain Compromise — Full Analysis Package
5 天之前 · On March 30-31, 2026, the npm package axios (~83M weekly downloads) was compromised through a maintainer account hijack. Two malicious versions injected plain-crypto-js@4.2.1, an …
axios Was Compromised on npm — What Happened, How It Works ...
4 天之前 · Step 1 — Account Hijack: The Entry Point The attacker compromised the jasonsaayman npm account — the primary maintainer of axios. The account's registered email was changed to an …
Axios Poisoned: UNC1069’s npm Supply Chain Playbook
2 天之前 · Axios Poisoned: UNC1069’s npm Supply Chain Playbook Key Takeaways On March 31, 2026, the npm package axios — the most downloaded JavaScript HTTP client library with over 100 …