Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Description
Malicious code injected in AXIOS NPM package. The injected malicious code allows the attacker to perform unauthorized modification on the affected applications.
Affected Packages:
• axios@1.14.1
• axios@0.30.4
Best Practice And Recommendations
The CERT team encourages users to perform the following:
2. Reinstall the affected package with an unaffected version.
3. Remove the dependency (plain-crypto-js)
4. Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5. Reset all credentials and access tokens on the affected systems.
Critical Security Alerts
Warning Number:
2026-7602
Severity Level
Warning Date
29/06/2026
Target sector
Warning Number:
2026-7601
Severity Level
Warning Date
29/06/2026
Target sector
Warning Number:
2026-7600
Severity Level
Warning Date
26/06/2026
Target sector
Warning Number:
2026-7599
Severity Level
Warning Date
25/06/2026
Target sector
Warning Number:
2026-7598
Severity Level
Warning Date
24/06/2026
Target sector
Warning Number:
2026-7597
Severity Level
Warning Date
24/06/2026
Target sector
Warning Number:
2026-7596
Severity Level
Warning Date
24/06/2026
Target sector
Warning Number:
2026-7595
Severity Level
Warning Date
24/06/2026
Target sector
Warning Number:
2026-7594
Severity Level
Warning Date
24/06/2026
Target sector
Last Update at: 07/04/2026 - 9:10pm Saudi time
Was this page useful?
0% of users said Yes from 0 Feedbacks