Chain Reaction | Axios Attack (TryHackMe)

On March 31, 2026, two malicious versions of Axios — one of JavaScript's most downloaded HTTP client libraries — were quietly pushed to npm and downloaded by developers across the globe. What followed