Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million weekly downloads. The North Korean state actor Sapphire Sleet compromised the project’s lead maintainer by stealing a long-lived npm access token. This allowed the attackers to publish two poisoned versions of the package that installed […]
The post Axios npm attack causes JavaScript supply chain chaos appeared first on Developer Tech News.