UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

3 hours ago [email protected] (The Hacker News)
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack


The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069.
Maintainer Jason Saayman said the attackers tailored their social engineering efforts “specifically to me” by first approaching him under the guise of the founder of a

The post “UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: ,

More Stories

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

3 hours ago [email protected] (The Hacker News)

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

5 hours ago [email protected] (The Hacker News)

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

6 hours ago [email protected] (The Hacker News)

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

23 hours ago [email protected] (The Hacker News)

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

1 day ago [email protected] (The Hacker News)

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

2 days ago [email protected] (The Hacker News)