Warning, version 1.14.1 of the npm core package axios is experiencing an active supply chain attack
Mar 31, 2026 13:04:54
Share to 
According to market news, Socket has detected that version 1.14.1 of the npm core package axios is experiencing an active supply chain attack. The attacker injected a malicious dependency package to implant malicious code into axios. Developers using axios are advised to immediately pin the version and review the project's lock files.
Latest News
The Lista DAO has launched the Dow Protocol E-Commerce Financing RWA Vault, with an APY currently reported at 10%
ChainCatcher
Apr 3, 2026 14:31:00
AI data company Mercor confirmed it has suffered a significant data breach involving clients such as OpenAI and Anthropic
ChainCatcher
Apr 3, 2026 14:20:49
Korea Investment & Securities is considering acquiring shares in the cryptocurrency exchange Coinone
ChainCatcher
Apr 3, 2026 14:13:53
The encryption risk rating agency CORE3 has launched, and the Trump family project World Liberty Financial has only received a D rating
ChainCatcher
Apr 3, 2026 14:11:52
The U.S. job market is showing warning signs, with multiple indicators falling to their lowest levels since the pandemic in 2020
ChainCatcher
Apr 3, 2026 14:05:26
