Software Security
All entries on this topic (1)
New npm Supply Chain Attack Targets Widely Used Axios Package
A critical supply chain attack has been identified, targeting the `axios` npm package, which boasts over 100 million weekly downloads. The attack leverages a newly introduced dependency, `plain-crypto-js@4.2.1`, acting as an obfuscated dropper/loader. This malware exhibits sophisticated evasion tech…
