If you have ever used a modern website, an AI tool, or a cloud application, there is a good chance your data passed through a piece of software called Axios. It is one of the most popular JavaScript libraries on Earth, downloaded tens of millions of times every week from npm, the package registry that powers most of the internet's applications.

North Korea poisoned it.

Google's Threat Intelligence Group has formally attributed a supply chain compromise of the Axios npm package to UNC1069, a financially motivated North Korean hacking group. The attack injected a malicious dependency called plain-crypto-js into Axios versions 1.14.1 and 0.30.4 on March 31, 2026, between 00:21 and 03:20 UTC. The implant, called WAVESHAPER.V2, gave attackers a backdoor into any system running the compromised versions.

But Axios was not alone. It was one piece of a far larger campaign.

1,700 Packages Across Four Languages

According to a report from the Security Alliance (SEAL), UNC1069 spread 1,700 malicious packages across npm, PyPI, Go, and Rust package registries between February 6 and April 7, 2026. The group impersonated legitimate services like Microsoft Teams and Zoom to trick package maintainers into handing over account credentials. SEAL blocked 164 domains linked to the operation in that period alone.

The scale is staggering. This is not a targeted hack against a single company. This is a state-sponsored attack on the software supply chain itself, targeting the foundational packages that millions of developers trust implicitly every time they run npm install.

Why AI Makes This Worse

Here is the angle that should keep AI company security teams awake tonight. The vibe coding revolution has created millions of new developers who install packages they have never reviewed. AI coding assistants suggest dependencies constantly. Claude Code, GitHub Copilot, and Cursor all recommend packages based on popularity and context, not security audits. When an AI assistant suggests importing Axios, nobody questions it. It is one of the most trusted packages in the ecosystem.

That trust is now a vulnerability. The same AI tools that are making software development faster are also making supply chain attacks more effective. Every vibe-coded app, every AI-generated project, every quickly prototyped startup that auto-installs popular packages is a potential target. And North Korea is not the only threat actor watching.

The Axios compromise was caught relatively quickly and patched. But UNC1069 had two months and 1,700 packages to work with. How many organizations downloaded compromised code before the fix? How many still have not updated? Those are the questions nobody at Google, Microsoft, or npm wants to answer publicly right now.

The AI-accelerated development era is producing code faster than any security team can review it. North Korea just proved it can exploit that gap at industrial scale. First reported by The Hacker News, with attribution confirmed by Google Threat Intelligence Group.