<p>Dennis and Lindsey dig into what we know do far about the supply chain attack on the axios NPM package, including how the attacker gained access to the maintainer&#39;s account, the window of exposure for the malicious packages, the behavior of the RAT that&#39;s installed on victims&#39; machines, and what the downstream effects may be. </p><p><br></p><p><strong>Links</strong></p><p><strong>Huntress post</strong>: https://www.huntress.com/blog/supply-chain-compromise-axios-npm-package</p><p><strong>Socket analysis</strong>: https://socket.dev/blog/axios-npm-package-compromised</p>

Decipher Security Podcast

Decipher

Axios NPM Supply Chain Attack

MAR 31, 202625 MIN
Decipher Security Podcast

Axios NPM Supply Chain Attack

MAR 31, 202625 MIN

Description

<p>Dennis and Lindsey dig into what we know do far about the supply chain attack on the axios NPM package, including how the attacker gained access to the maintainer&#39;s account, the window of exposure for the malicious packages, the behavior of the RAT that&#39;s installed on victims&#39; machines, and what the downstream effects may be. </p><p><br></p><p><strong>Links</strong></p><p><strong>Huntress post</strong>: https://www.huntress.com/blog/supply-chain-compromise-axios-npm-package</p><p><strong>Socket analysis</strong>: https://socket.dev/blog/axios-npm-package-compromised</p>