Google has attributed the recent Axios npm supply chain compromise to a North Korean threat group tracked as UNC1069. The attack, aimed at financial gain, exploited the package to target developers and organizations relying on Axios.
John Hultquist of Google Threat Intelligence confirmed the attribution, highlighting the group’s growing activity in supply chain attacks.
“GTIG attributes this activ...
