Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Description
Malicious code injected in AXIOS NPM package. The injected malicious code allows the attacker to perform unauthorized modification on the affected applications.
Affected Packages:
• axios@1.14.1
• axios@0.30.4
Best Practice And Recommendations
The CERT team encourages users to perform the following:
2. Reinstall the affected package with an unaffected version.
3. Remove the dependency (plain-crypto-js)
4. Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5. Reset all credentials and access tokens on the affected systems.
Critical Security Alerts
Warning Number:
2026-7561
Severity Level
Warning Date
10/06/2026
Target sector
Warning Number:
2026-7560
Severity Level
Warning Date
10/06/2026
Target sector
Warning Number:
2026-7559
Severity Level
Warning Date
10/06/2026
Target sector
Warning Number:
2026-7558
Severity Level
Warning Date
09/06/2026
Target sector
Warning Number:
2026-7557
Severity Level
Warning Date
09/06/2026
Target sector
Warning Number:
2026-7556
Severity Level
Warning Date
09/06/2026
Target sector
Warning Number:
2026-7555
Severity Level
Warning Date
09/06/2026
Target sector
Warning Number:
2026-7554
Severity Level
Warning Date
09/06/2026
Target sector
Warning Number:
2026-7553
Severity Level
Warning Date
09/06/2026
Target sector
Last Update at: 07/04/2026 - 9:10pm Saudi time
Was this page useful?
0% of users said Yes from 0 Feedbacks