Threat Intelligence Report

Axios attacker strikes again! Three NPM packages have been hiding in plain sight for two months

📅 May 19, 2026 📰 opensourcemalware.com 🔍 0 CVE(s) referenced

While defenders focused on the high-profile Axios NPM compromise, the same attacker quietly deployed three new malicious packages using identical cryptographic keys to harvest developer credentials for nearly two months, exposing a far broader and more persistent supply chain threat than previously realized.

unclassified

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle