Google attributes the supply chain attack on HTTP client Axios to a suspected North Korean threat actor it calls UNC1069
The supply chain attack was stopped in less than three hours, but it's still unclear how many people got hacked. — techcrunch.com/2026/03/31/h...
TechCrunch Lorenzo Franceschi-Bicchierai
Related Coverage
- Hacker Tries to Spread Malware to Millions by Hitting ‘Axios NPM’ Software PCMag · Michael Kan
- Axios NPM Distribution Compromised in Supply Chain Attack wiz.io
- Inside the Axios supply chain compromise - one RAT to rule them all Elastic Security Labs
- North Korean Hackers Suspected in Axios Software Tool Breach Bloomberg Law · Ryan Gallagher
- The Axios Breach: What Salesforce Developers Need to Know Salesforce Ben · Ross Collie
- North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say FCW · David DiMolfetta
- North Korea-linked hack hits largely invisible software that powers online services Channel NewsAsia
- North Korea-linked hack hits largely invisible software that powers online services Reuters · A.J. Vicens
- North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack Google Cloud Blog
- Axios supply chain attack chops away at npm trust Security Boulevard
Discussion
-
@emily.news
Emily
on bluesky
they got hacked by an unc?? [embedded post]
-
@seldo.com
Laurie Voss
on bluesky
I don't really know what we as an industry are supposed to do about North Korea. No individual developer and few corporations have the resources to fend off a determined nation state attacker, but that's what we've got, permanently, all of us. [embedded post]
-
@lorenzofb
Lorenzo Franceschi-Bicchierai
on bluesky
NEW: Someone hijacked an open-source software development tool to push malware to millions of people. — The supply chain attack was stopped in less than three hours, but it's still unclear how many people got hacked. — techcrunch.com/2026/03/31/h...
-
@zackwhittaker@mastodon.social
Zack Whittaker
on mastodon
Google is now linked the hack and hijack of the popular Axios npm open-source project to North Korea (UNC1069), which is known for stealing cryptocurrency. — Axios is downloaded tens of millions of times weekly, so this hack is likely widespread. — Our updated story: https://…