Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Description
Malicious code injected in AXIOS NPM package. The injected malicious code allows the attacker to perform unauthorized modification on the affected applications.
Affected Packages:
• axios@1.14.1
• axios@0.30.4
Best Practice And Recommendations
The CERT team encourages users to perform the following:
2. Reinstall the affected package with an unaffected version.
3. Remove the dependency (plain-crypto-js)
4. Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5. Reset all credentials and access tokens on the affected systems.
Critical Security Alerts
Warning Number:
2026-7502
Severity Level
Warning Date
20/05/2026
Target sector
Warning Number:
2026-7501
Severity Level
Warning Date
20/05/2026
Target sector
Warning Number:
2026-7500
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7499
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7498
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7497
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7496
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7495
Severity Level
Warning Date
19/05/2026
Target sector
Warning Number:
2026-7494
Severity Level
Warning Date
18/05/2026
Target sector
Last Update at: 07/04/2026 - 9:10pm Saudi time
Was this page useful?
0% of users said Yes from 0 Feedbacks