No Result
View All Result
  • Login
Saturday, July 4, 2026
FeeOnlyNews.com
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
No Result
View All Result
FeeOnlyNews.com
No Result
View All Result
Home Cryptocurrency

Axios NPM Package Compromised in Supply Chain Attack

by FeeOnlyNews.com
3 months ago
in Cryptocurrency
Reading Time: 2 mins read
A A
0
Axios NPM Package Compromised in Supply Chain Attack
Share on FacebookShare on TwitterShare on LInkedIn



Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as compromised after a supply chain attack poisoned the popular JavaScript HTTP client library.

The compromise was first reported by cybersecurity company Socket, which said [email protected] and [email protected] were modified to pull in [email protected], a malicious dependency that ran automatically during installation before the releases were removed from npm.

According to security company OX Security, the altered code can give attackers remote access to infected devices, allowing them to steal sensitive data such as login credentials, API keys and crypto wallet information.

The incident shows how a single compromised open-source component can potentially ripple across thousands of applications that rely on it, exposing not just developers but also platforms and users connected to the system. 

Security companies urge key rotation, system audits

OX Security warned developers who installed [email protected] or [email protected] to treat their systems as fully compromised and immediately rotate credentials, including API keys and session tokens.

Socket said the compromised Axios releases were modified to include a dependency on [email protected], a package published shortly before the incident and later identified as malicious.

Related: Trust Wallet browser extension knocked offline by Chrome Store ‘bug,’ CEO says

The company said the dependency was configured to run automatically during installation through a post-install script, allowing attackers to execute code on target systems without additional user interaction.

Socket advised developers to review their projects and dependency files for the affected Axios versions and the associated [email protected] package, and to remove or roll back any compromised versions immediately.

Earlier crypto incidents highlight supply chain risks

Earlier crypto incidents have shown how supply chain breaches can escalate from stolen developer information to user-facing wallet losses.

On Jan. 3, onchain investigator ZachXBT reported that “hundreds” of wallets across Ethereum Virtual Machine-compatible networks were drained in a broad attack that siphoned small amounts from each victim. 

Cybersecurity researcher Vladimir S. said the incident was potentially linked to a December breach affecting Trust Wallet, which resulted in roughly $7 million in losses across over 2,500 wallets. 

Trust Wallet later said the breach may have originated from a supply chain compromise involving npm packages used in its development workflow.

Magazine: Nobody knows if quantum secure cryptography will even work

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy



Source link

Tags: AttackAxiosChaincompromisedNPMPackageSupply
ShareTweetShare
Previous Post

BoI governor signals budget could delay interest rate cuts

Next Post

El Al demands changes to passenger compensation law

Related Posts

Ripple Joins America250’s Giving 4th Campaign, Pledges ,000 XRP Donation Match for Veterans

Ripple Joins America250’s Giving 4th Campaign, Pledges $10,000 XRP Donation Match for Veterans

by FeeOnlyNews.com
July 4, 2026
0

Key TakeawaysRipple will match donations through the Call of Duty Endowment campaign in XRP, contributing up to a maximum of...

Kraken Expands Tokenized Stocks into Leveraged Trading

Kraken Expands Tokenized Stocks into Leveraged Trading

by FeeOnlyNews.com
July 4, 2026
0

Crypto exchange Kraken has begun accepting select tokenized stocks and exchange-traded funds (ETFs) as collateral for futures and margin trading,...

Crypto Market Awaits US FOMC Minutes as Expert Hints at Fed Rate Hike in September

Crypto Market Awaits US FOMC Minutes as Expert Hints at Fed Rate Hike in September

by FeeOnlyNews.com
July 4, 2026
0

The crypto market awaits the US FOMC minutes next week, especially after the Federal Reserve kept the policy rates unchanged...

Reported Riot 500 BTC custody transfer exposes Bitcoin miners’ AI funding pressure

Reported Riot 500 BTC custody transfer exposes Bitcoin miners’ AI funding pressure

by FeeOnlyNews.com
July 4, 2026
0

Riot Platforms' reported 500 BTC movement to NYDIG Custody gives the market a live signal for how public miners may...

AI and Crypto Payments Raise New Questions for Autonomous Transactions

AI and Crypto Payments Raise New Questions for Autonomous Transactions

by FeeOnlyNews.com
July 3, 2026
0

Key TakeawaysAutonomous AI agents need programmable payment rails available around the clock.Agentic payments remain two to three years away from...

SOL Tops  As Solana Network Activity Surges

SOL Tops $83 As Solana Network Activity Surges

by FeeOnlyNews.com
July 3, 2026
0

Key takeaways:Solana’s tokenized assets and memecoin revival drove SOL to a 30-day high at $83.Bullish leveraged appetite cooled sharply, suggesting...

Next Post
El Al demands changes to passenger compensation law

El Al demands changes to passenger compensation law

How Can a Surgical Procedure Volume Database Improve GI Market Insights?

How Can a Surgical Procedure Volume Database Improve GI Market Insights?

  • Trending
  • Comments
  • Latest
Entry-Level Rentals Are Disappearing—Here’s How Landlords Can Fill the Gap

Entry-Level Rentals Are Disappearing—Here’s How Landlords Can Fill the Gap

June 18, 2026
Trump reportedly pressed FDA chief to authorize mango and blueberry vapes after years of rejection

Trump reportedly pressed FDA chief to authorize mango and blueberry vapes after years of rejection

May 7, 2026
Iran war cost U.S. households ,000 each, top economist says

Iran war cost U.S. households $1,000 each, top economist says

July 1, 2026
House backs an emergency brake on elder fraud

House backs an emergency brake on elder fraud

June 26, 2026
Trump claims Iran deal is ‘unconditional surrender’: Axios

Trump claims Iran deal is ‘unconditional surrender’: Axios

June 18, 2026
Strait Outta Hormuz: Getting the Iran Oil Story Straight

Strait Outta Hormuz: Getting the Iran Oil Story Straight

June 12, 2026
Gasoline prices to fall sharply again Tuesday night

Gasoline prices to fall sharply again Tuesday night

0
Federal Reserve stress test: U.S. banks can withstand 8B in losses

Federal Reserve stress test: U.S. banks can withstand $708B in losses

0
Is Solana the Best Ethereum Alternative Right Now?

Is Solana the Best Ethereum Alternative Right Now?

0
Michael Hudson: How US Slave Interests Stifled US Monetary and Banking Policy Until 1913

Michael Hudson: How US Slave Interests Stifled US Monetary and Banking Policy Until 1913

0
Ripple Joins America250’s Giving 4th Campaign, Pledges ,000 XRP Donation Match for Veterans

Ripple Joins America250’s Giving 4th Campaign, Pledges $10,000 XRP Donation Match for Veterans

0
Markets may consolidate; micro, small and mid-caps could lead alpha generation, says Quant Mutual Fund

Markets may consolidate; micro, small and mid-caps could lead alpha generation, says Quant Mutual Fund

0
General Mills Grocery Deal: Save BIG on Cereal, Nature Valley, Annie’s, Mott’s, plus more (Includes Deal Scenarios!)

General Mills Grocery Deal: Save BIG on Cereal, Nature Valley, Annie’s, Mott’s, plus more (Includes Deal Scenarios!)

July 4, 2026
Ripple Joins America250’s Giving 4th Campaign, Pledges ,000 XRP Donation Match for Veterans

Ripple Joins America250’s Giving 4th Campaign, Pledges $10,000 XRP Donation Match for Veterans

July 4, 2026
Nancy Pelosi’s husband could face misdemeanor charges after hit-and-run that caused ‘major damage’

Nancy Pelosi’s husband could face misdemeanor charges after hit-and-run that caused ‘major damage’

July 4, 2026
United Trials New Program to Make Early Morning Flights Less Stressful

United Trials New Program to Make Early Morning Flights Less Stressful

July 4, 2026
Apple Is Reportedly Planning 5 New iPhones — Including a ,500 Foldable. Here’s What It Means for the Stock.

Apple Is Reportedly Planning 5 New iPhones — Including a $2,500 Foldable. Here’s What It Means for the Stock.

July 4, 2026
Kraken Expands Tokenized Stocks into Leveraged Trading

Kraken Expands Tokenized Stocks into Leveraged Trading

July 4, 2026
FeeOnlyNews.com

Get the latest news and follow the coverage of Business & Financial News, Stock Market Updates, Analysis, and more from the trusted sources.

CATEGORIES

  • Business
  • Cryptocurrency
  • Economy
  • Financial Planning
  • Investing
  • Market Analysis
  • Markets
  • Money
  • Personal Finance
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • General Mills Grocery Deal: Save BIG on Cereal, Nature Valley, Annie’s, Mott’s, plus more (Includes Deal Scenarios!)
  • Ripple Joins America250’s Giving 4th Campaign, Pledges $10,000 XRP Donation Match for Veterans
  • Nancy Pelosi’s husband could face misdemeanor charges after hit-and-run that caused ‘major damage’
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclaimers
  • About Us
  • Contact Us

Copyright © 2022-2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading

Copyright © 2022-2024 All Rights Reserved
See articles for original source and related links to external sites.