The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign believed to have been conducted by North Korean threat actors. [...]
Axios npm hack used fake Teams error fix to hijack maintainer account
Résumé + lien vers la source. Sans paywall, sans tracking.