Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

Anthropic accidentally leaked key details of its AI tool Claude Code.

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...