Kiroku

zenn.dev/rescuenow/articles/880bf865235aaf

archives

This URL has 1 public saves. The first save was Apr 1, 2026, 06:23 AM and the latest save was Apr 1, 2026, 06:23 AM.

View recent saves on this domain

Latest saved version

axiosにサプライチェーン攻撃が発生した話と、担当プロジェクトでやっていた備え

This is the newest public snapshot for this URL and the best place to start reviewing the page.

Apr 1, 2026, 06:23 AM

Source URL

https://zenn.dev/rescuenow/articles/880bf865235aaf

About this page

This page discusses a supply chain attack on the npm package "axios" that occurred on March 31, 2026. Attackers stole a maintainer's access token and published malicious versions (1.14.1 and 0.30.4) containing a fake dependency package "plain-crypto-js" that injected a trojan horse. The attack was detected within 6 minutes by Socket and removed by npm's security team within 3 hours. The author's project wasn't directly affected as it didn't depend on axios, but would have been protected by Takumi Guard, an npm registry proxy they had recently deployed. With supply chain attacks increasing, the author recommends implementing protective tools like registry proxies as a defense strategy.

Open latest saved versionOpen oldest saved versionOpen full history

Total saves

1

Latest save

Apr 1, 2026, 06:23 AM

First save

Apr 1, 2026, 06:23 AM

Open latest saved versionOpen oldest saved versionNewest firstOldest first

Page 1

Saved versions

axiosにサプライチェーン攻撃が発生した話と、担当プロジェクトでやっていた備え

This page discusses a supply chain attack on the npm package "axios" that occurred on March 31, 2026...

4/1/2026

zenn.dev/rescuenow/articles/880bf865235aaf web archives are listed here. You can still review the saved screenshot and HTML even if the original page disappears.

Save another pageSearch archives
Web Archives of zenn.dev/rescuenow/articles/880bf865235aaf — Kiroku | Kiroku