{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiewfsk52goxolzijjdyafc2czqzpiyn5kz6of4nqdsupvengtrhpu",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mie7knfrorc2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigndhx3o7kun3nedn35vvygoueodvgzw6tlsy7e5ngbu56onmx4le"
    },
    "mimeType": "image/jpeg",
    "size": 411147
  },
  "path": "/2026/03/axios-supply-chain-attack-pushes-cross.html",
  "publishedAt": "2026-03-31T06:08:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems.\nVersions 1.14.1 and 0.30.4 of Axios have been found to inject \"plain-crypto-js\" version 4.2.1 as a fake dependency.\nAccording to StepSecurity, the two",
  "title": "Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account"
}