Bleeping Computer

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign linked to North Korean hackers ...
heise online

Fake Teams Update: How attackers tricked the axios maintainer

The HTTP client axios was briefly equipped with a backdoor and was thus available for download for about three hours. It is currently unclear how often the client was downloaded and installed during ...