Mastodon Feed: Post

Boosted by jsonstein@masto.deoan.org ("Jeff Sonstein"):
BleepingComputer@infosec.exchange wrote:

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems.

https://www.bleepingcomputer.com/news/security/hackers-compromise-axios-npm-package-to-drop-cross-platform-malware/