Axios Developer Targeted in North Korean Social Engineering Attack

The maintainers of the Axios HTTP client disclosed a social engineering attack targeting one of its developers, attributed to North Korean threat actors. The attackers used a fake Microsoft Teams error fix to trick the maintainer into executing malicious code, leading to account hijacking. The incident involved the compromise of the developer’s npm account, though no malicious packages were published. The attack was part of a broader campaign to infiltrate open-source projects for supply chain exploitation. No specific dates, CVE IDs, or technical indicators were provided in the report.