Supply Chain attack on Axios NPM Package
Looks like an account compromise on an active contributor to Axios is leading to supply chain attack risks. The details below are copied from the GitHub gist page of the thread.
Affected Packages
axios 1.14.1: Malicious
axios 0.30.4: Malicious
IoCs
Renamed PowerShell copy: %PROGRAMDATA%\wt.exe
Transient VBScript loader: %TEMP%\6202033.vbs
Transient PowerShell payload: %TEMP%\6202033.ps1
C2 server: hxxp://sfrclak[.]com:8000/
Campaign ID: 6202033
Full C2 URL: hxxp://sfrclak[.]com:8000/
Watch your npm apps for a while!