16:[] e:"$W16" 9:[["$","$L17","4ECBD1",{"panes":[{"content":"$L18","displayTitle":"Axios Supply Chain Attack","frontmatter":{"slug":"4ECBD1","lang":"en","created":"$D2026-03-31T04:21:14.000Z","modified":"$D2026-03-31T04:30:36.000Z","title":"Axios Supply Chain Attack"},"slug":"4ECBD1","title":"@twitter@2038797094861918332"}]}]] 11:[["$","meta","0",{"charSet":"utf-8"}],["$","meta","1",{"name":"viewport","content":"width=device-width, initial-scale=1"}]] 18:["$","$19","4ECBD1",{"default":"none","enter":"note-page-fade","children":["$","article",null,{"className":"prose max-w-none p-4 md:p-8","children":[["$","h1",null,{"className":"mb-6 text-xl font-semibold tracking-tight","data-pane-title":true,"children":["$","$19",null,{"name":"note-title-4ECBD1","default":"none","share":"note-title-share","children":["$","span",null,{"className":"inline-flex items-center gap-1","children":[["$","span",null,{"dangerouslySetInnerHTML":{"__html":""},"className":"flex items-center [&>svg]:size-4 [&>svg]:fill-current"}],"Axios Supply Chain Attack"]}]}]}],["$","div",null,{"className":"flex flex-col gap-8","children":[["$","$L1a",null,{"liveData":"$L1b","notes":["$","div",null,{"dangerouslySetInnerHTML":{"__html":""}}]}],["$","$L1c",null,{"hex":"4ECBD1","backlinks":[{"displayTitle":"260331","filename":"260331.md","hex":"260331","modified":"Wed Apr 01 2026 02:24:20 GMT+0000 (Coordinated Universal Time)","title":"260331"}]}]]}]]}]}] 1b:["$","div",null,{"className":"flex flex-col gap-4","children":["$","div",null,{"className":"prose max-w-none","dangerouslySetInnerHTML":{"__html":"

@npmjs @GHSecurityLab there is an active supply chain attack on axios@1.14.1 which pulls in a malicious package published today - plain-crypto-js@4.2.1 - someone took over a maintainer account for Axios
— Maxwell (@mvxvvll) March 31, 2026

\n\n"}}]}] c:null 13:[["$","title","0",{"children":"Axios Supply Chain Attack"}],["$","meta","1",{"property":"og:title","content":"Axios Supply Chain Attack"}],["$","meta","2",{"property":"og:image","content":"https://cho.sh/4ECBD1/opengraph-image?942e0cf6e90f15be"}],["$","meta","3",{"property":"og:image:type","content":"image/png"}],["$","meta","4",{"property":"og:image:width","content":"2400"}],["$","meta","5",{"property":"og:image:height","content":"1260"}],["$","meta","6",{"property":"og:image:alt","content":"cho.sh"}],["$","meta","7",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","8",{"name":"twitter:title","content":"Axios Supply Chain Attack"}],["$","meta","9",{"name":"twitter:image","content":"https://cho.sh/4ECBD1/opengraph-image?942e0cf6e90f15be"}],["$","meta","10",{"name":"twitter:image:alt","content":"cho.sh"}],["$","meta","11",{"name":"twitter:image:type","content":"image/png"}],["$","meta","12",{"name":"twitter:image:width","content":"2400"}],["$","meta","13",{"name":"twitter:image:height","content":"1260"}],["$","link","14",{"rel":"icon","href":"/logo.svg","type":"image/svg+xml"}],["$","link","15",{"rel":"apple-touch-icon","href":"/logo.svg"}],["$","$L1d","16",{}]] 1e:["slugs"] 15:"$W1e" 1f:["slugs"] d:"$W1f" 20:[] f:"$W20"