Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million weekly downloads. The North Korean state actor Sapphire Sleet compromised the project’s lead maintainer by stealing a long-lived npm access token. This allowed the attackers to publish two poisoned versions of the package that installed […] The post Axios npm attack causes JavaScript supply chain chaos appeared first on Developer Tech News.
Want more insights? Join Grow With Caliber - our career elevating newsletter and get our take on the future of work delivered weekly.
