🚨 Active supply chain attack on [email protected]. The latest version pulls in [email protected] -- a brand-new package that didn't exist before today.
We're still investigating. If you use axios, pin your version and audit your lockfile. socket.dev/blog/axios-n...
A supply chain attack on Axios introduced a malicious dependency, [email protected], published minutes earlier and absent from the project’s GitHu...
