Malware And CampaignsCampaign

Axios npm breach via UNC1069 social engineering and malicious updates

April 6, 2026SC Media, The Hacker News, Dark Reading

SC Media and others say an Axios maintainer attributed an npm breach to UNC1069 social engineering using fake Slack and Teams setups to deploy a RAT and push malicious updates to millions of users, underscoring how maintainer targeting drives supply chain compromise.

Open in PulseSee the full authority discussion →

QUOTES

Axios maintainer says social engineering by UNC1069 led to npm breach.

Attackers used a fake Slack/Teams setup to deploy a RAT and push malicious updates to millions of users.

Axios hack

Axios Attack Shows Social Complex Engineering Is Industrialized:

Axios maintainer’s post mortem confirms social engineering by UNC1069

VOICES

SC Media

The Hacker News

Dark Reading

Kimberly

The Cyber Security Hub™

Nicolas Krassas

RELATED TERMS

supply chainnpmsocial engineeringsupply chainnpm supplynpm install

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what authorities are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security