CISA has issued an alert after attackers compromised two versions of the widely-used Axios npm package on March 31, 2026, injecting a malicious dependency that downloads a remote access trojan — urging developers and organizations to downgrade, rotate credentials, and audit any pipelines that ran the affected versions.
Signal Search
Search across all ingested intelligence signals. Supports websearch syntax: AND OR "exact phrase" -exclude
28 results for Cyber · United States
Page 1 of 2