Suspected North Korea-linked hackers have compromised the popular open-source Axios software package in a supply-chain attack, reports said. This, say security researchers, could expose several US firms to credential theft and further intrusions.
Axios is widely used by companies across sectors in the US to simplify website and application development, making the breach a potentially far-reaching incident. Some cryptocurrency firms also use the software, as do technology companies operating in the crypto industry.
The cyber attack reportedly gave the hackers access, for at least three hours, to the account of a software developer who maintains Axios, long enough to push malicious updates to users who downloaded the package during that window. Cybersecurity researchers said the compromised versions could have distributed malware to downstream systems before the attacker lost access.
Google-owned cyber-intelligence firm Mandiant said the incident was carried out by a suspected North Korean hacking group and warned that the attackers would likely try to use the access they gained to steal cryptocurrency from enterprises. Charles Carmakal, Mandiant's chief technology officer, said the impact may take months to fully assess.
A researcher at Huntress said the firm had already identified around 135 compromised devices belonging to at least 12 companies, though that figure was described as only a small sample of the total impact. Other researchers and security firms warned that the true scale of the breach could be much larger because Axios is embedded in a wide range of software environments.
The malicious updates were removed after a short period, but experts said that does not eliminate the danger, since any system that installed the poisoned package during the attack window may already be exposed. Reports also said the malware could target macOS, Windows and Linux systems, broadening the risk for developers and enterprises alike.
Pyongyang's hacking corps is reportedly a crucial source of revenue for the nuclear-armed and sanctions-battered country. According to reports from the United Nations and private firms, hackers from North Korea have stolen billions of dollars from banks and cryptocurrency firms in the past few years.
In 2025 alone, the hackers stole $1.5 billion in cryptocurrency in a single attack, which was then the largest crypto hack on record. Roughly half of the country's missile program is funded by such digital heists, a White House official noted in 2013.