Summary
Researchers at Google have linked suspected North Korean hackers to a security breach involving the popular open-source software package Axios. These hackers inserted harmful software that could steal sensitive information into the Axios package, which is used in millions of downloads weekly. Though the harmful software versions were quickly removed, the incident highlights potential risks due to Axios's wide usage.
Key Facts
- Google researchers suspect North Korean hackers compromised the Axios package.
- Axios is a JavaScript library used to make HTTP requests.
- The hackers inserted malware into Axios that could steal credentials, or login info.
- The malicious versions affected systems like macOS, Windows, and Linux.
- The malicious versions were removed within about three hours of publication.
- Axios is downloaded around 100 million times per week and is widely present in many software environments.
- The incident is separate from another npm supply chain attack recently disclosed.
- It is unclear how the hackers accessed the maintainer's GitHub account.
