VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
DataBreachToday

How AI Supply-Chain Monitor Spotted Unfolding Axios Attack

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
Hosted on MSN

OpenAI flags software supply chain scare

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently infected, legitimate open-source software library. Why it matters: The incident ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

OpenAI Confirms Security Incident—Mac Users Must Update All Apps Now

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, OpenAI has confirmed.

The Axios Hack: What to Know

The internet runs on shared code—a big problem when a cyberattack corrupts the software supply chain.
telecom.economictimes.indiatimes

OpenAI identifies security issue involving third-party tool, says user data was not accessed

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are ...