more details: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan Most likely, a maintainer's GitHub and npm accounts are compromised as these iss...
On closer inspection, preventing post-install would have fixed it too: “The attack exploited a transitive dependency, plain-crypto-js@4.2.1, which executed a postinstall script to deploy the RAT.”
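To see which packages that mitigation would affect in a given project, here is an added example (not code from the thread or the linked write-up) that lists lockfile entries npm has marked with `hasInstallScript` and flags the transitive ones. The sample lockfile is constructed: the axios version is a placeholder, `native-addon-example` is a hypothetical package, and the axios-to-plain-crypto-js edge is assumed for illustration.

```javascript
// Added example: audit an npm lockfile (lockfileVersion 2/3) for install scripts.
// npm sets `hasInstallScript: true` on entries that declare
// preinstall/install/postinstall scripts.

function packageNameFromPath(lockPath) {
  // "node_modules/a/node_modules/@scope/b" -> "@scope/b"
  return lockPath.split("node_modules/").pop();
}

function findInstallScriptPackages(lock) {
  const packages = lock.packages || {};
  const root = packages[""] || {};
  const direct = new Set([
    ...Object.keys(root.dependencies || {}),
    ...Object.keys(root.devDependencies || {}),
    ...Object.keys(root.optionalDependencies || {}),
  ]);
  const findings = [];
  for (const [lockPath, meta] of Object.entries(packages)) {
    if (lockPath === "" || !meta.hasInstallScript) continue;
    const name = packageNameFromPath(lockPath);
    // A nested copy, or a name the root never declared, is transitive.
    const transitive = !direct.has(name) || lockPath !== "node_modules/" + name;
    findings.push({ name, version: meta.version, path: lockPath, transitive });
  }
  return findings.sort((a, b) => a.path.localeCompare(b.path));
}

function transitiveInstallScripts(lock) {
  return findInstallScriptPackages(lock)
    .filter((f) => f.transitive)
    .map((f) => `${f.name}@${f.version}`);
}

// Constructed sample lockfile (not taken from a real project).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", dependencies: { axios: "*", "native-addon-example": "*" } },
    "node_modules/axios": { version: "0.0.0-constructed", dependencies: { "plain-crypto-js": "*" } },
    "node_modules/plain-crypto-js": { version: "4.2.1", hasInstallScript: true },
    "node_modules/native-addon-example": { version: "1.0.0", hasInstallScript: true },
  },
};

console.log(transitiveInstallScripts(sampleLock));
```

On a real project, pass the parsed contents of `package-lock.json` instead of `sampleLock`; setting `ignore-scripts=true` in `.npmrc` (or running `npm ci --ignore-scripts`) stops every listed script from running at install time.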