Add axios supply chain attack C2 domains (sfrclak.com, callnrwise.com)
author Homelabineer <redacted>
Tue, 31 Mar 2026 16:40:56 +0000 (11:40 -0500)
committer Homelabineer <redacted>
Tue, 31 Mar 2026 16:40:56 +0000 (11:40 -0500)
commit ed4ca8687f2541e3b2b5aa94b6342082cac254e5
tree 3992d6b721db263fb33a8fbd5474f0580b2e9379
parent 50392318f52d2b8d0638e0b249094ccca4a7a1f5
Add axios supply chain attack C2 domains (sfrclak.com, callnrwise.com)

Closes #3098

These domains were used as C2 infrastructure in the axios npm supply
chain attack on March 31, 2026 (GHSA-fw8c-xr5c-95f9). Malicious
versions axios@1.14.1 and axios@0.30.4 were published via a hijacked
maintainer account, injecting a RAT that beacons to these domains.

References:
- https://github.com/advisories/GHSA-fw8c-xr5c-95f9
- https://socket.dev/blog/axios-npm-package-compromised
data/StevenBlack/hosts