DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
GitHub

dlubal-software/Dlubal_JavaScript_Library

You can download actual release of our JavaScript library and the use it for your project or you can fork our repository.
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million weekly downloads. The North Korean state actor Sapphire Sleet compromised the ...
HHS

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...
IEEE

PTDETECTOR: An Automated JavaScript Front-end Library Detector

Abstract: Identifying what front-end library runs on a web page is challenging. Although many mature detectors exist on the market, they suffer from false positives and the inability to detect ...