Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

programming·Programmingbyspez

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

What an ol' classic in the age of AI!

https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.htmlOpen link View original on sh.itjust.works

Comments3

spez

sh.itjust.works

It gets better and better lol

TechnoCat

piefed.social

I always advocate switching to pnpm where install scripts are disabled by default. It has plenty of security features to ward off most supply chain attacks.

https://pnpm.io/settings#onlybuiltdependencies
https://pnpm.io/settings#minimumreleaseage
https://pnpm.io/blog/2025/12/29/pnpm-in-2025#security-by-default

onlinepersona

programming.dev

Pre and post install hooks are a mistake, jfk

ultimate_worrier

lemmy.dbzer0.com

-1