axios
Search documents
X @BNB Chain
BNB Chain· 2026-03-31 08:39
RT HashDit | now with Pro Extension (@HashDit)CRITICAL HashDit Alert 🚨🚨 : axios npm supply chain attack (March 31, 2026)Attacker hijacked the maintainer's npm account & published malicious versions:❌ axios@1.14.1❌ axios@0.30.4These drop a RAT on macOS/Windows/Linux via postinstall script.✅ Downgrade NOW:- npm install axios@1.14.0 (or 0.30.3 for 0.x)Check if affected:- npm list axios | grep -E "1\.14\.1|0\.30\.4"- If infected → rotate ALL secrets (npm, GitHub, AWS, SSH keys)- C2 still active. 100M+ weekly do ...