critical Code Vulnerability
Axios npm Supply Chain Compromise — North Korea (UNC1069)
| Severity | critical |
| Status | open |
| Date | March 31, 2026 |
| Affects | Axios npm package (100M+ weekly downloads) |
| Source | cloud.google.com |
Details
North Korea-nexus threat actor UNC1069 compromised the official Axios npm package on March 31, 2026. Malicious code injected into official releases delivers a Remote Access Trojan. By download volume, this is one of the largest npm supply chain attacks ever.