Advertisement
SU
HIGH
Supply Chain
Axios npm Supply Chain Attack: Malicious Payloads and Mitigation
Axios npm versions 1.14.1 and 0.30.4 compromised via a malicious dependency injecting remote access trojans. Learn how to detect and remediate this threat.
Runtime Rebel Intel
3 min read·Apr 21, 2026
SU
CRITICAL
Supply Chain
UNC1069 Leverages Axios NPM Supply Chain to Deploy WAVESHAPER.V2
North Korea-nexus UNC1069 compromised widely used Axios NPM package (v1.14.1, 0.30.4) by injecting plain-crypto-js to deploy WAVESHAPER.V2 backdoor across multiple OS.
Runtime Rebel Intel
8 min read·Apr 1, 2026