{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihan3cpgkwf7bq6fubpd3uefwdzjlcdtcpp2yr7kboe555boes24e",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3miycbrij4vu2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreihbx4wn6e4kiayaioao7bxzineghqxo7jpmsp3tzhecraqscogozu"
    },
    "mimeType": "image/webp",
    "size": 52834
  },
  "path": "/axios-npm-compromise-pushed-cross-platform-malware-through-poisoned-releases/",
  "publishedAt": "2026-04-07T17:53:22.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Axios npm compromise pushed cross-platform malware through poisoned releases",
    "VPN Central"
  ],
  "textContent": "Developers who installed axios@1.14.1 or axios@0.30.4 on March 31 should treat those systems as compromised. Axios maintainer Jason Saayman confirmed that two malicious versions were published through his compromised npm account, and both pulled in a fake dependency named plain-crypto-js@4.2.1 that installed a remote access trojan on Windows, macOS, and Linux. The malicious releases stayed […]\n\nThe post Axios npm compromise pushed cross-platform malware through poisoned releases appeared first on VPN Central.",
  "title": "Axios npm compromise pushed cross-platform malware through poisoned releases"
}