{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihdfurzvgycsloaqaqnv2xdshnfxib7r2ukoivyi24qlat2h7nn4y",
    "uri": "at://did:plc:egtaskq2bpyoyyci5hc6ksmy/app.bsky.feed.post/3mk3syxvx23n2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreic7l6dd4hx64od6s55v5q44wigyvjoqmosvb6xolp47ksyfdng6ay"
    },
    "mimeType": "image/png",
    "size": 934358
  },
  "path": "/axios-npm-supply-chain-north-korea-iot-firmware/",
  "publishedAt": "2026-04-14T09:00:00.000Z",
  "site": "https://secureiotoffice.world",
  "textContent": "North Korean threat actors compromised the axios npm package — used in 100 million JavaScript projects weekly — through a hijacked maintainer account, delivering a cross-platform RAT in under an hour. For IoT and embedded device builders, it's a wake-up call about firmware supply chain risk.",
  "title": "North Korea Backdoored axios — 100 Million Projects Didn't Notice for 39 Minutes"
}