A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace
Tag: maintainer
AI, Global Security News, malware
Social engineering attacks on open source developers are escalating
North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the access they gained to inject malware into npm packages downloaded 100+ million times a week.…
AI, Apps, Cloud Security, Data Breaches, Global Security News, malware
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious versions of the package that deployed a cross-platform remote access trojan on developer machines. The incident represents the highest-impact npm supply chain attack on record given Axios’ approximately 100 million weekly…
AI, Europe, Global Security News
European Open Source Awards 2026 Honor Linux Kernel Maintainer Greg Kroah-Hartman
Linux kernel maintainer Greg Kroah-Hartman has received the top prize at the 2026 European Open Source Awards in Brussels. The post European Open Source Awards 2026 Honor Linux Kernel Maintainer Greg Kroah-Hartman appeared first on Linux Today.