axios npm Hijacked by North Korea: 100M Downloads Served a RAT for 3 Hours
North Korea hijacked the axios npm package on March 31, deploying a RAT in versions 1.14.1 and 0.30.4 for 3 hours. 100M weekly downloads in the blast radius. Check your node_modules now.
·7 min read