A North Korean Backdoor Lived Inside Axios for 3 Hours. Millions of Pipelines Pulled It.

On March 31, 2026, a state-sponsored attacker pushed malware through axios — npm's most popular HTTP client. Here's the full technical breakdown, the exact compromised versions, and every command needed to check if your machines are clean.