AXIOS NPM Alert

The CERT team encourages users to perform the following:

 

1.    Clear NPM cache for the package manager.
2.    Reinstall the affected package with an unaffected version.
3.    Remove the dependency (plain-crypto-js)
4.    Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5.    Reset all credentials and access tokens on the affected systems.