Malware pushed via hijacked open-source project
TechCrunch
A popular open-source JavaScript library, Axios, was compromised by a hacker who injected malware. This library is downloaded tens of millions of times weekly, potentially exposing millions of developers to risk. The attack, a supply chain breach, targeted a developer's account to push malicious updates. The malware, designed to grant remote control, also included self-deleting code to evade detection. While the hijack was quickly contained, security experts advise anyone who downloaded the compromised version to assume their system is affected. This incident highlights the growing threat of supply chain attacks on widely used software components.
Original Source
TechCrunch — techcrunch.com