The software supply chain is under sustained attack.Not from a
single threat actor or a single incident, but from an
ecosystem-wide campaign that has been escalating for months and
shows no signs of slowing down. This week, axios, the HTTP client
library downloaded 83 million times per week and present in roughly
80% of cloud environments, was compromised via a hijacked
maintainer account.Two backdoored versions deployed
platform-specific RATs attributed with high confidence to North
Korea’s Lazarus Group.The malicious versions were live
The software supply chain is under sustained attack.Not from a
single threat actor or a single incident, but from an
ecosystem-wide campaign that has been escalating for months and
shows no signs of slowing down. This week, axios, the HTTP client
library downloaded 83 million times per week and present in roughly
80% of cloud environments, was compromised via a hijacked
maintainer account.Two backdoored versions deployed
platform-specific RATs attributed with high confidence to North
Korea’s Lazarus Group.The malicious versions were live