CISA warns Axios npm compromise delivered a RAT in a major supply chain attack

CISA has warned that the Axios npm package was compromised in a supply chain attack that delivered a remote access trojan to developers who installed two malicious releases. The affected versions were axios@1.14.1 and axios@0.30.4, both published on March 31, 2026 through a compromised maintainer account. The incident stands out because Axios is one of […] The post CISA warns Axios npm compromise delivered a RAT in a major supply chain attack appeared first on VPN Central.