What caused the Axios npm supply chain attack?

UNC1069 used targeted social engineering: fake Slack from cloned CEO, Teams call with RAT via fake update, stealing maintainer creds.

How do I check if my project got the bad Axios versions?

Run `npm ls axios` for 1.14.1 or 0.30.4; update to latest, use `npm audit`. Scan transitives with Socket or GitHub Dependabot.

Will North Korean hackers target more npm packages?

Likely — OSS maintainers are low-hanging fruit for state actors chasing scale. Lock down with OIDC, hardware keys.

🌐 Nation-State Threats

North Korean Hackers' Slick Slack Trick: Inside the Axios npm Compromise

What if the next update to your favorite npm package came laced with North Korean spyware? That's exactly what happened to Axios — and it started with a too-perfect Slack invite.

Threat Digest Apr 03, 2026 3 min read 37 views

Read in: Deutsch English Español Français Italiano 日本語 한국어 Português (BR) Русский Türkçe

Digital illustration of a shadowy figure cloning a CEO's Slack workspace to breach Axios npm package

⚡ Key Takeaways

UNC1069's attack used hyper-realistic Slack/Teams fakes to RAT the Axios maintainer, publishing trojanized packages. 𝕏
Axios' 100M weekly downloads highlight npm's blast radius; transitive deps hide risks. 𝕏
Fixes like OIDC and immutable releases are essential, but expect more state-sponsored OSS hits. 𝕏

Published by

Threat Digest

Threat intelligence. Zero noise.

#npm compromise #social engineering #supply chain attack #unc1069

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by The Hacker News

⚡ Key Takeaways

The 60-Second TL;DR

Threat Digest

Share this article

Worth sharing?

Related Stories

North Korea Poisons Axios NPM with RATs in Bold Supply Chain Hit

Drift's $285M Nightmare: DPRK's Nonce Social Engineering Masterclass

TeamPCP's Ruthless Hijack of Security Scanners: 500K Machines, 300GB Stolen

North Korea's UNC1069 Turns Axios NPM into Cross-Platform Trapdoor

Stay in the loop