Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Yahoo Finance

Introducing Chainguard Libraries for JavaScript: Malware-Resistant Dependencies Built Entirely from Source

The risk in the JavaScript ecosystem isn't theoretical: earlier this month, a number of packages used by millions of developers were compromised via malicious code. These malware attacks against ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
InfoWorld

Jailed JavaScript library runs untrusted code safely in browsers, Node.js

Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...
Computerworld

Six useful JavaScript libraries for maps, charts and other data visualizations

Need to reformat data for use in another application? Plot it on a map? Use it for an interactive Web graphic? These open-source JavaScript libraries can help turn your data into a suitable format for ...
TechRadar

Popular JavaScript library can be hacked to allow attackers into user accounts

Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate validation CERT-CC warns of risks including authentication bypass and signed data tampering ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...