Technology|April 1, 2026|1 min read

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google's Threat Analysis Group links a recent supply chain attack targeting Axios npm packages to the North Korean hacking group UNC1069.

#Google#Axios#npm#Supply Chain Attack#UNC1069#Cybersecurity

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google's Threat Analysis Group has published findings linking a notable supply chain attack that impacted numerous users of Axios npm packages to the North Korean cyber espionage group known as UNC1069. This group is notorious for its involvement in various cyber espionage initiatives across different sectors.

The attack centered on the infiltration of npm packages to disseminate malicious code, posing significant risks to developers and organizations utilizing these libraries. Security professionals are urging developers to conduct thorough audits of their dependencies to ensure the security and integrity of the libraries they incorporate into their projects.

Share this story

Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project

Mercor, an AI recruiting startup, confirmed a cyberattack linked to the compromised LiteLLM project, with extortion group Lapsus$ claiming responsibility for stealing data from its systems.