Axios npm Supply Chain Compromise – Guidance for Azure Pipelines Customers
On March 31, 2026, malicious versions of the widely used JavaScript HTTP client library Axios were briefly published to the npm registry as part of a supply chain attack. The affected versions — 1.14.1 and 0.30.4 — included a hidden malicious dependency that executed during installation and connected to attacker-controlled command-and-control (C2) infrastructure to retrieve […]
The post Axios npm Supply Chain Compromise – Guidance for Azure Pipelines Customers appeared first on Azure DevOps Blog.
Published on:
Learn moreRelated posts
May Patches for Azure DevOps Server
We are releasing new patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers stay up to date with t...
From beta to stable: Announcing the Azure SDK for Rust 🎉🦀
Announcing the stable release of the Azure SDK for Rust. This release includes stable libraries for Core, Identity, Key Vault (Secrets, Keys, ...
Azure Arc | On-prem + Multi-cloud Management
Managing Servers, and Kubernetes across on-prem, and multiple clouds, can quickly become complex, especially when you're juggling multiple too...
Scalable AI with Azure Cosmos DB: Bringing Generative AI to Enterprise Scale with Super Insight by AVASOFT
Azure Cosmos DB enables scalable AI-driven document processing, addressing one of the biggest barriers to operational scale in today’s enterpr...
Announcing the Public Preview of Azure Cosmos DB Shell: Open-Source Power Meets AI-Driven Database Automation
Today, we’re thrilled to announce the public preview of Azure Cosmos DB Shell – a powerful, open-source command-line interface that rev...