国家通报中心监测发现,近期集中爆发多起供应链投毒攻击事件,攻击目标包括API研发工具Apifox、Python开发库LiteLLM以及JavaScript HTTP库Axios,涉及开源软件仓库和商用工具两大核心供应链场景。其中,Axios投毒事件因OpenClaw等大量AI应用及插件生态直接依赖该库,导致风险通过依赖链向终端用户进一步蔓延。三起供应链投毒事件呈现攻击隐蔽性强、影响范围广、危害程度 ...
格隆汇4月10日|据国家网络安全通报中心消息,国家通报中心监测发现,近期集中爆发多起供应链投毒攻击事件,攻击目标包括API研发工具Apifox、Python开发库LiteLLM以及JavaScript ...
中新经纬4月10日电 10日,微信号“国家网络安全通报中心”发布《近期多起供应链投毒事件安全风险分析》。国家通报中心监测发现,近期集中爆发多起供应链投毒攻击事件,攻击目标包括API研发工具Apifox、Python开发库 ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
快科技4月10日消息,据国家网络安全通报中心微信公众号通报,国家通报中心监测发现, 近期集中爆发多起供应链投毒攻击事件,攻击目标包括API研发工具Apifox、Python开发库LiteLLM以及JavaScript HTTP库Axios,涉及开源软件仓库和商用工具两大核心供应链场景。 其中,Axios投毒事件因OpenClaw等大量AI应用及插件生态直接依赖该库,导致风险通过依赖链向终端用户进一 ...
IHS Holding Limited (NYSE: IHS) (“IHS Towers”), filed its annual report on Form 20-F for the fiscal year ended December 31, 2025, with the Securities and Exchange Commission on March 16, 2026. The ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
一些您可能无法访问的结果已被隐去。
显示无法访问的结果