North Korean Hackers Compromised the Axios npm Package — And It Took Less Than a Day
CrowdStrike attributes the supply chain attack on one of npm's most popular HTTP libraries to STARDUST CHOLLIMA, a DPRK-nexus threat actor. The compromise deployed cross-platform ZshBucket malware to Linux, macOS, and Windows — and Axios is downloaded over 100,000 times per week.