Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

Ontario dancer Ariel Hiatt goes viral by combining Canadian step dance with heavy metal hits

What is the best robot vacuum cleaner to buy in 2026? My final list after testing over 35 at home.

AdultFriendFinder review: Is the famous hookup site legit or not?

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » North Korean hackers are accused of hijacking the popular Axios open source project and spreading malware
Exclusives

North Korean hackers are accused of hijacking the popular Axios open source project and spreading malware

By March 31, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

Suspected North Korean hackers have hijacked and modified a popular open source software development tool to distribute malware that could put millions of developers at risk of compromise.

On Monday, hackers pushed a malicious version of a widely used JavaScript library called Axios that developers rely on to connect their software to the Internet. The affected libraries were hosted on npm, a software repository that stores code for open source projects. Axios is downloaded tens of millions of times every week.

Security firm Step Security, which analyzed the attack, said the hijacking was discovered and thwarted in about three hours during the night from Monday to Tuesday.

Hackers are increasingly targeting developers of popular open source projects in order to mass hack people who rely on compromised code, potentially giving them access to a vast number of affected devices. This type of widespread breach is called a supply chain attack because it targets software that allows hackers to hack into users who have downloaded the compromised software. In recent years, hackers have targeted large numbers of users by targeting companies like 3CX, Kaseya, and SolarWinds, as well as open source tools like Log4j and Polyfill.io.

It is currently unknown how many people downloaded the malicious version of Axios during that period. Security firm Aikido, which also investigated the incident, said anyone who downloaded the code “should assume their systems have been compromised.”

Google told TechCrunch that its security researchers have linked the Axios breach to North Korean hackers.

“We attribute this attack to what we believe to be a North Korean threat actor, which we track as UNC1069,” said John Hultquist, principal analyst in Google’s Threat Intelligence Group. “North Korean hackers have deep experience with supply chain attacks, which they have historically used to steal cryptocurrencies. The full scope of this incident is still unknown, but given the popularity of the compromised packages, we expect it to have far-reaching impact.”

tech crunch event

San Francisco, California
|
October 13-15, 2026

inquiry

Do you have more information about this hack? Or is it another supply chain attack? You can contact Lorenzo Franceschi-Bicchierai securely from any non-work device on Signal (+1 917 257 1382) or on Telegram, Keybase and Wire @lorenzofb, or email.

Hackers were able to slip malicious code into Axios by compromising the account of one of the project’s key developers, who was authorized to push updates. The hacker replaced the legitimate developer’s email address on the account with his own, making it even more difficult for the developer to regain access.

The hacker who took control of the account inserted malicious code designed to deliver a remote access Trojan (RAT). This is essentially malware that allows hackers to take full remote control of the victim’s computer. The hackers then pushed a new version of Axios with legitimate-looking updates for Windows, macOS, and Linux users.

Security researchers said the hackers also designed the malware and some of the code used to distribute it to be automatically removed after installation to hide it from anti-malware engines and investigators.

Updated to include information from Google regarding North Korea attribution.


Source link

#Aceleradoras #CapitalRiesgo #EcosistemaStartup #Emprendimiento #InnovaciónEmpresarial #Startups
Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleQuantum computers need just 10,000 qubits to crack the most secure codes, scientists warn
Next Article TrueConf zero-day exploited to attack Southeast Asian government networks

Related Posts

What is the best robot vacuum cleaner to buy in 2026? My final list after testing over 35 at home.

July 4, 2026

If you want to learn piano, check out Flowkey’s best price ever. Just $56 for 5 years

July 4, 2026

AdultFriendFinder review: Is the famous hookup site legit or not?

July 4, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Ontario dancer Ariel Hiatt goes viral by combining Canadian step dance with heavy metal hits

What is the best robot vacuum cleaner to buy in 2026? My final list after testing over 35 at home.

AdultFriendFinder review: Is the famous hookup site legit or not?

If you want to learn piano, check out Flowkey’s best price ever. Just $56 for 5 years

Trending Posts

Dolly Parton thanks Taylor Swift and Travis Kelsey for huge donation

July 4, 2026

Taylor Swift’s wedding look included subtle nods to the era’s tour

July 4, 2026

Taylor Swift wears Christian Dior couture at her wedding

July 4, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.