https://ramimac.me/axios/ Updates on the Axios npm supply chain attack. Compromised maintainer account, credential stealer via plain-crypto-js dependency. en-us Sun, 06 Apr 2026 17:30:00 +0000 https://ramimac.me/axios/#phase-2 https://ramimac.me/axios/#phase-2 Thu, 02 Apr 2026 06:12:00 +0000 Copycat attack on module-generate-cli (mgc) package via compromised admondtamang account. Similar techniques to axios attack but no confirmed relationship to DPRK actors. https://ramimac.me/axios/#phase-1 https://ramimac.me/axios/#phase-1 Tue, 31 Mar 2026 00:21:58 +0000 Compromised jasonsaayman npm account publishes axios@1.14.1 and axios@0.30.4 with injected plain-crypto-js dependency. Multi-platform credential stealer targeting Windows, macOS, and Linux.