The Axios supply chain attack used individually targeted social engineering
Axios maintainer compromised via a multi-layered social engineering attack using fake Slack workspaces, a cloned founder identity, and a fraudulent Microsoft Teams meeting delivering RAT malware.
Friday, April 3, 2026, 12:00 PM UTC. Source: Simon Willison. Category: Safety.

A supply chain attack on the Axios JavaScript library began with highly targeted social engineering of a maintainer: fake Slack workspaces, cloned founder identities, and a fake Microsoft Teams meeting that delivered a remote access trojan (RAT). The Axios team has published a detailed postmortem. For OSS maintainers, the campaign is a warning about how far modern social engineering has moved beyond generic phishing: attackers were willing to build a bespoke, multi-stage pretext against a single individual, which means an unsolicited workspace invite or meeting link is worth verifying through a separately established channel before anything is installed or joined.