A sophisticated supply chain attack has targeted Axios, one of the most heavily adopted HTTP clients within the JavaScript ecosystem, by introducing a malicious transitive dependency into the official npm registry. Serving as a critical component across frontend frameworks, backend microservices, and enterprise applications, Axios records approximately 83 million weekly downloads on npm. The compromise […] The post Axios NPM Packages Compromised to Inject Malicious Codes in an Active Supply Chain Attack appeared first on Cyber Security News.