Highlights from March
Coming in at number 1 on this month’s top 10 most prevalent threat list is activity related to March 2026’s axios
npm compromise. On March 30, 2026, security researchers discovered that the widely-used npm package axios
was compromised through an account takeover attack targeting a lead maintainer. Attackers bypassed the project’s GitHub Actions CI/CD pipeline by compromising...
