Supply Chain Attack Targets Axios npm Package with Malicious Dependency

📰 Dev.to · BeyondMachines

A supply chain attack on the Axios npm package introduced a malicious dependency, plain-crypto-js@4.2.1, which functions as an obfuscated dropper to execute shell commands and stage payloads.

Published 31 Mar 2026