Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Description
Malicious code injected in AXIOS NPM package. The injected malicious code allows the attacker to perform unauthorized modification on the affected applications.
Affected Packages:
• axios@1.14.1
• axios@0.30.4
Best Practice And Recommendations
The CERT team encourages users to perform the following:
2. Reinstall the affected package with an unaffected version.
3. Remove the dependency (plain-crypto-js)
4. Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5. Reset all credentials and access tokens on the affected systems.
Critical Security Alerts
Warning Number:
2026-7437
Severity Level
Warning Date
28/04/2026
Target sector
Warning Number:
2026-7436
Severity Level
Warning Date
28/04/2026
Target sector
Warning Number:
2026-7435
Severity Level
Warning Date
27/04/2026
Target sector
Warning Number:
2026-7434
Severity Level
Warning Date
27/04/2026
Target sector
Warning Number:
2026-7433
Severity Level
Warning Date
24/04/2026
Target sector
Warning Number:
2026-7432
Severity Level
Warning Date
23/04/2026
Target sector
Warning Number:
2026-7431
Severity Level
Warning Date
22/04/2026
Target sector
Warning Number:
2026-7430
Severity Level
Warning Date
22/04/2026
Target sector
Warning Number:
2026-7429
Severity Level
Warning Date
22/04/2026
Target sector
Last Update at: 07/04/2026 - 9:10pm Saudi time
Was this page useful?
0% of users said Yes from 0 Feedbacks