Skip to content
You can now search across every topic, entity and event.What's new
Timeline

plain-crypto-js

Malicious npm package injected by UNC1069 into Axios, carrying the WAVESHAPER.V2 backdoor.

1 of 1 entries (1 events, 0 interactions)

Filters
#35 May

Introduced into Axios versions v1.14.1 and v0.30.4 as the delivery vehicle for WAVESHAPER.V2

Cybersecurity: Threats and Defences: UNC1069 planted WAVESHAPER.V2 in Axios via maintainer phishing