OpenAI Rotated Its macOS Signing Certs After the Axios Attack. No Proof of Key Theft. They Rotated Anyway.
John Z Black
Apr 13, 2026
Security Operations & Resilience
#supply-chain
#openai
#code-signing
#macos
#ci/cd
#axios
#certificate-revocation
A malicious Axios npm package executed inside OpenAI's GitHub Actions signing workflow. Their investigation found no evidence keys were stolen. They revoked and rotated the certificates anyway. That decision is the interesting part.
North Korea Backdoored Axios for Three Hours. That Was Enough.
John Z Black
Apr 2, 2026
Threat Intelligence
#npm
#supply-chain
#north-korea
#axios
#dprk
#waveshaper
#unc1069
DPRK hackers hijacked the Axios npm package, deploying a self-erasing backdoor across 100 million weekly downloads. Three hours was all they needed.
Axios Was Backdoored to Install a RAT. And It Left No Traces.
John Z Black
Mar 31, 2026
Threat Intelligence
#npm
#supply-chain
#axios
#rat
#malware
#javascript
#maintainer-compromise