Tag: UNC1069

The Podcast Trap: How UNC1069’s AI Deepfakes Are Poisoning the Global npm Registry
What begins as a mundane exchange—an invitation to a podcast or a routine professional briefing—may serve as the preamble to a sophisticated incursion, potentially granting adversaries access to millions of downstream projects. In recent weeks, several maintainers of prominent Node.js libraries have revealed they were targeted by an identical social engineering stratagem. While the Axios…

The 15-Second Takeover: How North Korea’s UNC1069 Hijacked Axios and 100 Million Users
The ubiquitous JavaScript library axios, a cornerstone utilized by millions of digital architectures, was transfigured for several hours into a conduit for the dissemination of malignant code. In a calculated maneuver, adversaries subverted the account of a lead maintainer, leveraging his credentials to promulgate contaminated iterations of the library. The cataclysm unfolded on March 31st.…