SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code
SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based sec...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1195 — Supply Chain Compromise (Initial Access)
Clear filter98 articles found
Axios NPM Package Breached in North Korean Supply Chain Attack
A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios...
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor has hijacked the popular Axios NPM package in a high‑impact software supply chain attack that can silently backdoor Windows,...
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster t...
NPM Supply Chain Attack Uses undicy-http to Deploy RAT
A highly sophisticated npm supply chain attack that abuses a fake HTTP client package to deliver both a powerful RAT and a stealthy browser stealer. The mali...
Elastic releases detections for the Axios supply chain compromise
Hunting and detection rules for the Elastic-discovered Axios supply chain compromise.
Inside the Axios supply chain compromise - one RAT to rule them all
Elastic Security Labs analyzes a supply chain compromise of the axios npm package delivering a unified cross-platform RAT
Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure
TeamPCP continues its string of supply chain attacks, and announces a partnership with Vect ransomware group. The post Weaponizing the Protectors: TeamPCP’s ...
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious version...
Google links axios supply chain attack to North Korean group
Google Threat Intelligence Group (GTIG) joined several other researchers in attributing the attack to a North Korean threat actor they call UNC1069. Sentinel...
How SentinelOne’s AI EDR Autonomously Discovered and Stopped Anthropic’s Claude from Executing a Zero Day Supply Chain Attack, Globally
Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.
Attackers hijack Axios npm account to spread RAT malware
Threat actors hijacked the npm account of Axios to distribute RAT malware via malicious package updates. Threat actors compromised the npm account of Axios, ...
Supply chain attack on Axios npm package: Scope, impact, and remediations
The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that...
Cisco source code stolen in Trivy-linked dev environment breach
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development env...
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
Written by: Austin Larsen, Dima Lenz, Adrian Hernandez, Tyler McLellan, Christopher Gardner, Ashley Zaya, Michael Rudden Introduction Google Threat Intellige...
Hackers Poison Axios npm Package with 100 Million Weekly Downloads
Axios npm Package compromised in a supply chain attack, exposing developers to malware, data theft, and full system takeover risks worldwide.
Axios npm supply chain attack: Malicious updates add remote access trojan
The axios npm package, with about 100 million weekly downloads, was compromised via a maintainer’s account.
Axios NPM Packages Breached in Ongoing Supply Chain Attack
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific A...
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Axios npm packages backdoored in supply chain attack
An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages...