General warning for JS developers: there has been a supply chain attack through npm on axios 1.14.1.
n8n is safe, as it is using “axios”: “1.13.5”,
but your workstations might still be at risk from your other projects.
This morning axios, one of the most common dependencies in the JS ecosystem, was compromised. A maintainer account was hijacked and used to publish malicious versions directly to npm, bypassing the project’s CI/CD pipeline.
Indicators of Compromise:
∙ axios version 1.14.1 or 0.30.4 in any lockfile
∙ macOS: /Library/Caches/com.apple.act.mond
∙ Linux: /tmp/ld.py
∙ Windows: %PROGRAMDATA%\wt.exe
If you find any of the indicators on a system, stop using that system and rotate any password or secret it had access to.
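A triage script for the indicators above, added here as an example and not part of the original post: it walks a directory tree for npm, yarn and pnpm lockfiles that resolve to the listed axios versions and checks the host for the listed dropped-file paths. The script name axios_triage.py and the function names are assumptions; the versions and paths are the ones from the post.

```python
import json, os, re, sys

BAD_VERSIONS = {"1.14.1", "0.30.4"}  # versions named in the advisory
IOC_PATHS = {"darwin": ["/Library/Caches/com.apple.act.mond"], "linux": ["/tmp/ld.py"],
             "win32": [os.environ.get("PROGRAMDATA", r"C:\ProgramData") + r"\wt.exe"]}  # keyed by sys.platform
LOCKFILE_NAMES = ("package-lock.json", "npm-shrinkwrap.json", "yarn.lock", "pnpm-lock.yaml")

def bad_axios_versions(lockfile_text, filename):
    """Return the compromised axios versions a lockfile resolves to (empty set if clean)."""
    found = set()
    if filename.endswith(".json"):
        # npm lockfiles: v1 nests entries under 'dependencies', v2/v3 flatten them under
        # 'packages' with node_modules/... keys; walking every dict covers both and nested copies.
        def walk(node, key=""):
            if isinstance(node, dict):
                if key.rsplit("node_modules/", 1)[-1] == "axios" and node.get("version") in BAD_VERSIONS:
                    found.add(node["version"])
                for k, v in node.items():
                    walk(v, k)
        walk(json.loads(lockfile_text))
    else:
        # yarn:  axios@^1.14.1:  /  version "1.14.1"      pnpm:  axios@1.14.1:  or  /axios@1.14.1:
        patterns = (r'^"?axios@[^\n]*:\n\s+version:? "?([\d.]+)"?', r"^\s*/?axios@([\d.]+)[:(]")
        found.update(v for p in patterns for v in re.findall(p, lockfile_text, re.M) if v in BAD_VERSIONS)
    return found

def present_ioc_paths(platform=sys.platform, exists=os.path.exists):
    """Return the advisory's dropped-file indicators that exist on this host."""
    return [p for p in IOC_PATHS.get(platform, []) if exists(p)]

def scan_tree(root):
    """Map each lockfile under root that resolves to a compromised axios to the versions found."""
    hits = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != "node_modules"]  # lockfiles sit at project roots
        for name in set(filenames) & set(LOCKFILE_NAMES):
            with open(os.path.join(dirpath, name), encoding="utf-8") as fh:
                bad = bad_axios_versions(fh.read(), name)
            if bad:
                hits[os.path.join(dirpath, name)] = bad
    return hits

if __name__ == "__main__":  # usage: python axios_triage.py [project_root]
    for path, versions in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print("COMPROMISED: axios", ", ".join(sorted(versions)), "in", path)
    for path in present_ioc_paths():
        print("IoC present on this host:", path)
```

Any hit is a reason to treat the machine as compromised per the advice above; a clean lockfile scan does not clear a host that has already installed the package, so the path check matters on its own.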