Securing the Supply Chain: How SentinelOne's AI EDR Stops the ...
Essential information
- Published
- 03/04/2026 02:03
- Modified
- 03/04/2026 17:03
- Source / Author
- AlienVault
- Confidence
- 100/100
- Report type(s)
- threat-report
- Tags
- 2026-04-03
- Related entities
- 7 indicators, 7 observables, 4 others
Description
On March 31, 2026, a North Korean state actor hijacked the npm credentials of the primary Axios maintainer and published two backdoored releases that deployed a cross-platform remote access trojan (RAT) to Windows, macOS, and Linux systems. Axios is the most widely used HTTP client in the JavaScript ecosystem, with approximately 100 million weekly downloads and a presence in roughly 80% of cloud and code environments.