Back

North Korean Group UNC1069 Behind Axios npm Supply Chain Attack

Severity: High (Score: 74.0)

Sources: Thehackernews

Summary

On March 31, 2026, a supply chain attack targeting the Axios npm package was attributed to the North Korean cyber group UNC1069. This attack exploited vulnerabilities in the software supply chain, affecting numerous developers and organizations reliant on Axios for their applications. The attack's scope is significant, as it potentially compromises the integrity of software used widely across various sectors. The specific attack vector and tools used by UNC1069 have not been detailed in the articles. Current assessments indicate heightened alertness among organizations using Axios, with ongoing investigations into the full impact of the breach. As of April 1, 2026, Google has confirmed the attribution to UNC1069, emphasizing the need for enhanced security measures in software supply chains. The incident highlights the persistent threat posed by state-sponsored actors in the cybersecurity landscape. Key Points: • The Axios npm package was targeted in a supply chain attack linked to North Korean group UNC1069. • The attack affects numerous developers and organizations using Axios for their applications. • Google confirmed the attribution to UNC1069, indicating a serious threat to software supply chains.

Key Entities

  • UNC1069 (apt_group)
  • Supply Chain Attack (attack_type)
  • Google (company)
  • Npm (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed