{
  "name": "Securing the Supply Chain: How SentinelOne's AI EDR Stops the ...",
  "slug": "securing-the-supply-chain-how-sentinelones-ai-edr-stops-the",
  "description": "On March 31, 2026, a North Korean state actor hijacked the npm credentials of the primary Axios maintainer and published two backdoored releases that deployed a cross-platform remote access trojan (RAT) to Windows, macOS, and Linux systems. Axios is the most widely used HTTP client in the JavaScript ecosystem, with approximately 100 million weekly downloads and a presence in roughly 80% of cloud and code environments.",
  "published": "2026-04-03T00:03:44.645000+00:00",
  "created_at": "2026-04-03T17:03:56.283000+00:00",
  "modified_at": "2026-04-03T15:03:56+00:00",
  "created_at_opencti": "2026-04-03T17:03:56.283000+00:00",
  "author": "AlienVault",
  "confidence": 100,
  "report_types": [
    "threat-report"
  ],
  "labels": [],
  "tags": [
    "2026-04-03"
  ],
  "related_entities": {
    "indicators": [
      {
        "id": "5387a723-2eed-431a-8fa1-af25d9c8337a",
        "name": "5bb67e88846096f1f8d42a0f0350c9c46260591567612ff9af46f98d1b7571cd"
      },
      {
        "id": "ccd99c2c-a711-4468-9674-5d741d5ad695",
        "name": "sfrclak.com"
      },
      {
        "id": "d2f0d7b1-fade-475f-8b86-77d1948d5f93",
        "name": "http://sfrclak.com:8000/6202033"
      },
      {
        "id": "673e9434-50b7-477d-ba2c-8aacc8fe122e",
        "name": "chickencoinwin.website"
      },
      {
        "id": "5acf3196-333e-4ee2-b658-62013e84891b",
        "name": "58401c195fe0a6204b42f5f90995ece5fab74ce7c69c67a24c61a057325af668"
      },
      {
        "id": "f3404dda-5d09-42dc-9908-c38995b6f2ab",
        "name": "callnrwise.com"
      },
      {
        "id": "3e8d5e1d-0943-469c-bfed-a7760db0d46c",
        "name": "focusrecruitment.careers"
      }
    ],
    "observables": [
      {
        "id": "65013f77-9aa6-4061-9283-ea1f335a1f00",
        "name": "focusrecruitment.careers"
      },
      {
        "id": "957dfc23-cd1b-4dcf-9ef7-df4ecc8ff370",
        "name": "callnrwise.com"
      },
      {
        "id": "682dccab-ce50-4ec5-8f34-2e32e63e11e3",
        "name": "sfrclak.com"
      },
      {
        "id": "b10f477e-52a3-4648-a10d-82aa05286ab5",
        "name": "chickencoinwin.website"
      },
      {
        "id": "462fcf4e-4a4e-4adf-a04f-1d89f87381f4",
        "name": "http://sfrclak.com:8000/6202033"
      },
      {
        "id": "",
        "name": "5bb67e88846096f1f8d42a0f0350c9c46260591567612ff9af46f98d1b7571cd"
      },
      {
        "id": "",
        "name": "58401c195fe0a6204b42f5f90995ece5fab74ce7c69c67a24c61a057325af668"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "sfrclak.com"
      },
      {
        "id": "",
        "name": "chickencoinwin.website"
      },
      {
        "id": "",
        "name": "callnrwise.com"
      },
      {
        "id": "",
        "name": "focusrecruitment.careers"
      }
    ]
  },
  "external_refs": [
    {
      "id": "dac1674f-06f8-45cc-8d20-8d704e02710e",
      "standard_id": "external-reference--b13feeea-baed-50c8-be97-ba21cc8d6a73",
      "entity_type": "External-Reference",
      "source_name": "AlienVault",
      "description": null,
      "url": "https://www.sentinelone.com/blog/securing-the-supply-chain-how-sentinelones-ai-edr-stops-the-axios-attack-autonomously/",
      "hash": null,
      "external_id": null,
      "created": "2026-04-03T17:03:56.218Z",
      "modified": "2026-04-03T17:03:56.218Z",
      "createdById": null
    },
    {
      "id": "814d8268-b5e6-4cae-9af6-9315078587b5",
      "standard_id": "external-reference--f0c3ca16-d9d6-5f09-ba34-c3316505a33b",
      "entity_type": "External-Reference",
      "source_name": "AlienVault",
      "description": null,
      "url": "https://otx.alienvault.com/pulse/69cf03e05f6b299dc3efd2cd",
      "hash": null,
      "external_id": "69cf03e05f6b299dc3efd2cd",
      "created": "2026-04-03T17:03:56.158Z",
      "modified": "2026-04-03T17:03:56.158Z",
      "createdById": null
    }
  ]
}