Axios Hijacked: npm Account Takeover Deploys Cross-Platform RAT to Millions
Why This Matters Now The recent Axios npm package hijacking is a stark reminder of the vulnerabilities in our software supply chains. On December 14, 2023, attackers took control of the Axios npm account and published a malicious version of the package. This compromised version included a cross-platform remote access trojan (RAT), which could have given attackers full control over the systems of anyone who installed the package. The incident highlights the critical importance of securing npm accounts and maintaining vigilant dependency management practices. ...