Platforms Enterprise It SecurityEnterprise Item

Axios npm supply chain compromise via UNC1069 social engineering

April 3, 2026The Hacker News, Cisco Talos Intelligence Group, Qualys

The Hacker News, Cisco Talos, and others report trojanized Axios npm releases published after a targeted social engineering operation that stole maintainer credentials, highlighting how developer comms lures can become high-impact supply chain attacks.

Open in PulseSee the full expert discussion →

QUOTES

It turns out Axios npm was compromised via a targeted UNC1069 social engineering attack.

Attackers used a fake Slack + Teams setup to install malware, steal npm credentials, and publish trojanized versions (1.14.1, 0.30.4).

Cisco Talos is actively investigating the March 31, 2026 supply chain attack on the official Axios NPM package:

A supply chain attack has compromised Axios versions 1.14.1 and 0.30.4 to deploy a cross-platform Remote Access Trojan (RAT).

VOICES

The Hacker News

Cisco Talos Intelligence Group

Qualys

Clandestine

780th Military Intelligence Brigade (Cyber)

Matt Johansen

RELATED TERMS

npm packagesupply chainmalwareaxiosmalwaresupply chainnpm package

OTHER FINDINGS IN PLATFORMS ENTERPRISE IT SECURITY

Claude Code source exposure via npm source map file Claude Code source leak, GitHub DMCA takedowns, and trojanized forks Google post-quantum cryptography migration timeline moved up to 2029

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security