
Overview

A critical supply chain compromise involving the widely used JavaScript library axios has introduced malicious packages into the npm ecosystem, with confirmed reports of remote access trojan (RAT) functionality being deployed to affected systems.

With over 100 million downloads per week, axios is embedded across web applications, backend services, and automated build pipelines worldwide. Even a brief exposure window has the potential to impact thousands of organizations through both direct and transitive dependencies.

This attack validates warnings shared by SANS expert Joshua Wright at RSAC just days ago, highlighting how attackers are increasingly targeting trusted software components to achieve scale.

In this emergency livestream, SANS experts will break down what happened, who is at risk, and what defenders must do immediately.

What You Will Learn

  • How the axios supply chain compromise occurred
  • Why this attack is more dangerous than it initially appears
  • How malicious packages delivered credential theft and persistent access
  • The hidden risk of CI/CD pipelines and automated dependency updates
  • Ways to configure your CI/CD pipeline to lower the chance of follow-on attacks
  • Indicators of compromise and how to detect them in your environment
  • Immediate mitigation and response steps to reduce risk
  • What this incident signals about the future of supply chain attacks

Who Should Attend

  • Security operations and incident response teams
  • Developers and DevSecOps professionals
  • Cloud security and infrastructure teams
  • Security leaders responsible for risk and resilience
  • Anyone responsible for managing software dependencies

Meet Your Speakers