mirror of
https://github.com/StevenBlack/hosts.git
synced 2026-07-01 02:36:52 +00:00
Add axios supply chain attack C2 domains (sfrclak.com, callnrwise.com)
Closes #3098 These domains were used as C2 infrastructure in the axios npm supply chain attack on March 31, 2026 (GHSA-fw8c-xr5c-95f9). Malicious versions axios@1.14.1 and axios@0.30.4 were published via a hijacked maintainer account, injecting a RAT that beacons to these domains. References: - https://github.com/advisories/GHSA-fw8c-xr5c-95f9 - https://socket.dev/blog/axios-npm-package-compromised
This commit is contained in:
@@ -3152,3 +3152,7 @@
|
||||
|
||||
# Added March 29, 2026
|
||||
0.0.0.0 kra18.com
|
||||
|
||||
# Added March 31, 2026
|
||||
0.0.0.0 sfrclak.com
|
||||
0.0.0.0 callnrwise.com
|
||||
|
||||
Reference in New Issue
Block a user