Supply chain attack hits Axios npm releases, users urged to rotate keys

Security companies flagged axios@1.14.1 and 0.30.4 as compromised, urging credential rotation and rollback of affected packages.