North Korean hackers have been blamed for compromising Axios, a popular open-source JavaScript library used for making HTTP requests, according to security researchers. The malicious code was inserted into the widely-used web development tool, which is downloaded tens of millions of times weekly by developers worldwide.

The compromise represents a supply chain attack, where threat actors target widely-used software components to potentially reach numerous downstream users. Axios is commonly used in web applications and development projects, making it an attractive target for malicious actors seeking broad distribution of their code.

Security experts have attributed the attack to North Korean hackers, though the specific attribution methods and evidence have not been detailed in available reports. North Korean cyber groups have previously been linked to various high-profile cyberattacks and cryptocurrency thefts.

The incident highlights ongoing vulnerabilities in the open-source software ecosystem, where popular libraries and tools can become vectors for widespread malware distribution. Software supply chain attacks have become an increasingly common tactic among sophisticated threat actors seeking to maximize the reach of their malicious activities.

The discovery of the compromised code prompted immediate response from the cybersecurity community to assess the scope of the breach and implement protective measures for affected systems.