North Korean Hackers Target High-Profile Node.js Maintainers
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. The post North Korean Hackers Target High-Profile Node.js Maintainers appeared first on SecurityWeek.
The North Korean threat actor blamed for the Axios supply chain attack has been aiming its social engineering campaign at various Node.js maintainers, Socket reports.
The Axios attack occurred on March 31, when two malicious package versions were published to the NPM registry. They were removed roughly three hours later, but were likely installed by over 3 million users.
In a postmortem, Axios lead maintainer Jason Saayman explained that the hackers had infected his computer with a backdoor roughly two weeks before.
Source: https://www.securityweek.com/north-korean-hackers-target-high-profile-node-js-maintainers/
Related breach coverage
- OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack2026-04-13
The AI giant is taking action after determining that a macOS code signing certificate may have been compromised. The post OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack appeared first on SecurityWeek.
- Axios NPM Package Breached in North Korean Supply Chain Attack2026-04-01
A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios NPM Package Breached in North Korean Supply Chain Attack appeared first on SecurityWeek.
- React2Shell Attacks Linked to North Korean Hackers2025-12-09
North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT. The post React2Shell Attacks Linked to North Korean Hackers appeared first on SecurityWeek.
- Google Warns of New Campaign Targeting BPOs to Steal Corporate Data2026-04-09
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO. The post Google Warns of New Campaign Targeting BPOs to Steal Corporate Data appeared first on SecurityWeek.