Advertisement
CRITICAL
Supply Chain
UNC1069 Social Engineering Leads to Axios npm Supply Chain Compromise
Runtime Rebel details how North Korean threat actor UNC1069 leveraged targeted social engineering against an Axios npm package maintainer, leading to a critical supply
Runtime Rebel Intel
4 min read·Apr 3, 2026
CRITICAL
Supply Chain
Axios npm Supply Chain Attack Attributed to North Korea's UNC1069
Google Threat Intelligence attributes a major Axios npm supply chain attack to North Korean group UNC1069, emphasizing risks to developer environments.
Runtime Rebel Intel
3 min read·Apr 1, 2026
SU
CRITICAL
Supply Chain
UNC1069 Leverages Axios NPM Supply Chain to Deploy WAVESHAPER.V2
North Korea-nexus UNC1069 compromised widely used Axios NPM package (v1.14.1, 0.30.4) by injecting plain-crypto-js to deploy WAVESHAPER.V2 backdoor across multiple OS.
Runtime Rebel Intel
8 min read·Apr 1, 2026