Microsoft details how to mitigate the Axios npm supply chain compromise

Microsoft says developers and organizations that installed the compromised Axios releases should assume exposure and act fast. In its April 1 guidance, Microsoft Threat Intelligence said the malicious Axios versions were 1.14.1 and 0.30.4, and urged users to rotate secrets immediately and downgrade to safe versions such as 1.14.0 or 0.30.3. The attack matters because […] The post Microsoft details how to mitigate the Axios npm supply chain compromise appeared first on VPN Central.