Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Suspected North Korean Hackers Compromise Axios Package in Supply-Chain Attack

Security experts said the breach could take months to assess, with about 135 devices at roughly 12 companies already identified.

  • Suspected North Korean hackers compromised the software package Axios on Tuesday, gaining control of a developer's account for three hours and pushing malicious updates to thousands of companies.
  • Pyongyang relies on digital heists to fund nuclear and missile programs, a tactic the regime employed three years ago when infiltrating another popular software provider used by healthcare and hotel firms.
  • John Hammond, security researcher at Huntress, identified about 135 compromised devices belonging to roughly 12 companies, describing the hack as "perfectly timed" given AI agents developing software without review.
  • "We anticipate they will try to leverage the credentials," Charles Carmakal, Mandiant chief technology officer, warned, as experts expect recovery will take months while attackers target cryptocurrency assets.
  • High-Profile, noisy operations are a price Pyongyang is willing to pay because the regime is not worried about its international reputation, Ben Read, director of strategic threat intelligence at Google-owned Wiz, noted.
Insights by Ground AI

17 Articles

The Japan TimesThe Japan Times
Center

North Korea hackers suspected of attack on widely used software tool

Hackers linked to North Korea are suspected of an ambitious attack on an inconspicuous software package, cybersecurity experts said.

·Japan
Read Full Article
The Star Kuala LumpurThe Star Kuala Lumpur
Right

Axios software tool used by millions compromised in hack

Axios, a tool widely used to develop software applications, was compromised overnight, introducing a vulnerability in a key part of the internet's plumbing.

·Malaysia
Read Full Article
CNNCNN
+9 Reposted by 9 other sources
Lean Left

North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt

Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts said Tuesday.

·Atlanta, United States
Read Full Article
Australian Financial ReviewAustralian Financial Review
Lean Right

North Korea-linked hack hits software that powers online services

The hackers targeted Axios, a program that connects apps and web services, by adding their own malicious software to an update.

·Sydney, Australia
Read Full Article
ReutersReuters
+2 Reposted by 2 other sources
Center

North Korea-linked hack hits largely invisible software that powers online services

Hackers linked to North Korea breached behind-the-scenes software that runs many common online functions in an effort to steal login information that could enable further cyber operations, ​Google said on Tuesday.

·United Kingdom
Read Full Article
The Hacker NewsThe Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069," John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told The Hacker News in a statement. "North Korean

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 72% of the sources are Center
72% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

Reuters broke the news in United Kingdom on Tuesday, March 31, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Cybersecurity icon

Cybersecurity

Asia icon

Asia

Hacking icon

Hacking

Internet icon

Internet

Social Media icon

Social Media

Software icon

Software

Apps icon

Apps

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal