Crypto M - Crypto News
@cryptom
2.08K subscribers
15.9K photos
194 links
Your #1 destination for the latest and most unbiased market news on Bitcoin, Ethereum, NFT, Fintech, Web3, DeFi, and Blockchain.
Download Telegram
About
Blog
Apps
Platform
Join
Crypto M - Crypto News
2.08K subscribers
Crypto M - Crypto News
🚀 Supply Chain Attack Targets Popular npm Package Axios

A significant supply chain attack has targeted the npm package axios, according to Foresight News. The latest version, axios@1.14.1, has been compromised with a malicious package, plain-crypto-js@4.2.1, which was previously nonexistent. This package has been confirmed as malware by Socket AI's analysis. Axios, which has a weekly download rate exceeding 100 million, poses a potential risk to all projects that have updated to the latest version.

Feross, the founder of Socket AI, advises all axios users to immediately lock their current version and review their lock files, avoiding any upgrades to the latest version.

#SupplyChainAttack #npm #Axios #Malware #CyberSecurity #ForesightNews #SocketAI
10 views