A hacker has hijacked and modified a popular open-source software development tool to deliver malware that could put millions of developers at risk of being compromised. On Monday, a hacker pushed malicious versions of the widely used JavaScript library called Axios, which developers rely on to allow their software to connect to the internet.
Advertising slot
What happened
A hacker has hijacked and modified a popular open-source software development tool to deliver malware that could put millions of developers at risk of being compromised.
Why it matters
On Monday, a hacker pushed malicious versions of the widely used JavaScript library called Axios, which developers rely on to allow their software to connect to the internet. The affected library was hosted on npm , a software repository that stores code for open-source projects. Axios is downloaded tens of millions of times every week.
Advertising slot
What to watch next
The hijack was spotted and stopped in around three hours overnight on Monday into Tuesday, according to security firm StepSecurity, which analyzed the attack .
Source notes
- TechCrunch press Global
From Patrick Tech
Contextual tools
AI Workspace Bundle for Digital Teams
A curated stack for writing, translation, summarization, and internal workflow speed.
Open Patrick Tech StoreCommunity
What did you think of this story?
Drop a reaction or leave a comment right below the article.
Latest comments
0No comments yet. You can start the conversation.