npm Supply Chain Attack: UNC1069 Uses Social Engineering on Axios Maintainer

A recent supply chain compromise of the Axios npm package has been attributed to a sophisticated social engineering campaign conducted by North Korean threat actors known as UNC1069.

The maintainer of the Axios npm package, Jason Saayman, revealed that the attackers carefully crafted their social engineering tactics to target him specifically.

According to Saayman, the attackers approached him under the guise of the founder of a company, highlighting the level of personalization and deception used in the attack.

This incident highlights the importance of cybersecurity awareness and the need for individuals, especially those in critical roles such as package maintainers, to be vigilant against social engineering attacks.

The UNC1069 group’s use of social engineering to gain access to the Axios npm package demonstrates the evolving nature of cyber threats and the need for continuous monitoring and security measures to protect against such attacks.

Source: Original Article

Press ESC to close

Share Article:

Tarang Parmar

Hackers Breach 766 Next.js Hosts Using CVE-2025-55182: A Large-Scale Credential Harvesting Operation

Closing the Third-Party Risk Gap: A Crucial Step in Enhancing Client Security