Skip to content
  • Hjem
  • Seneste
  • Etiketter
  • Populære
  • Verden
  • Bruger
  • Grupper
Temaer
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Kollaps
FARVEL BIG TECH
  1. Forside
  2. Ikke-kategoriseret
  3. "On March 31, 2026, two malicious versions (1.14.1 and 0.30.4) of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account.

"On March 31, 2026, two malicious versions (1.14.1 and 0.30.4) of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account.

Planlagt Fastgjort Låst Flyttet Ikke-kategoriseret
2 Indlæg 1 Posters 0 Visninger
  • Ældste til nyeste
  • Nyeste til ældste
  • Most Votes
Svar
  • Svar som emne
Login for at svare
Denne tråd er blevet slettet. Kun brugere med emne behandlings privilegier kan se den.
  • bettina@mastodon.nuB This user is from outside of this forum
    bettina@mastodon.nuB This user is from outside of this forum
    bettina@mastodon.nu
    wrote sidst redigeret af
    #1

    "On March 31, 2026, two malicious versions (1.14.1 and 0.30.4) of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account. The packages contained a hidden dependency that deployed a cross-platform remote access trojan (RAT) to any machine that ran npm install (or equivalent in other package managers like Bun) during a two-hour window."
    https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/

    bettina@mastodon.nuB 1 Reply Last reply
    0
    • bettina@mastodon.nuB bettina@mastodon.nu

      "On March 31, 2026, two malicious versions (1.14.1 and 0.30.4) of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account. The packages contained a hidden dependency that deployed a cross-platform remote access trojan (RAT) to any machine that ran npm install (or equivalent in other package managers like Bun) during a two-hour window."
      https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/

      bettina@mastodon.nuB This user is from outside of this forum
      bettina@mastodon.nuB This user is from outside of this forum
      bettina@mastodon.nu
      wrote sidst redigeret af
      #2

      Bagefter kom jeg til at tænke på at det er første april... Håber ikke det er en joke...

      1 Reply Last reply
      0
      Svar
      • Svar som emne
      Login for at svare
      • Ældste til nyeste
      • Nyeste til ældste
      • Most Votes

      • Log ind
      • Har du ikke en konto? Tilmeld
      • Login or register to search.
      Powered by NodeBB Contributors
      Graciously hosted by data.coop
      • First post
        Last post
      0
      • Hjem
      • Seneste
      • Etiketter
      • Populære
      • Verden
      • Bruger
      • Grupper