VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
DataBreachToday

How AI Supply-Chain Monitor Spotted Unfolding Axios Attack

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
Hosted on MSN

OpenAI flags software supply chain scare

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently infected, legitimate open-source software library. Why it matters: The incident ...
telecom.economictimes.indiatimes

OpenAI identifies security issue involving third-party tool, says user data was not accessed

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are ...

OpenAI says it faced a security issue, forces mandatory update for all Mac users to block fake ChatGPT apps

OpenAI reported a security issue related to third-party library Axios. The company said it found no evidence of compromised user data or altered systems. The ChatGPT maker is now are updating security ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were compromised.