Popular JavaScript Package Axios Gets Compromised - DTNS 5237
Daily Tech News Show
Tom Merritt
4.8 • 1.5K Ratings
🗓️ 31 March 2026
⏱️ 29 minutes
🧾️ Download transcript
Summary
Meta adds two new Ray-Ban frames meant to make them more prescription-lens friendly, and Samsung’s new app plays ultra-low frequencies into most earbuds to help reduce motion sickness.
Starring Jason Howell and Tom Merritt.
Links to stories discussed in this episode can be found here.
Hosted on Acast. See acast.com/privacy for more information.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | This is the Daily Tech News for Tuesday, March 31st, 2026. We tell you what you need to know, |
| 0:09.8 | give you the important context and help each other understand. |
| 0:12.7 | Yeah, and today there's a lot to understand. We have a supply chain attack on a JavaScript |
| 0:17.8 | package that is affecting millions of apps. This is the kind of thing that you may think doesn't affect you right away, but if something goes weird, you might want to know that this could be why. And if you're a developer, you're definitely going to want to know about this. Absolutely, if you're a developer. We're going to get into what it actually is. I'm Jason Howell. |
| 0:37.6 | I'm Tom Merritt. |
| 0:38.6 | And we're going to start with what you need to know with a big story. |
| 0:43.6 | And big thank you to Motang, who noted this story in our subreddit. |
| 0:48.8 | So much activity happening in the subreddit. |
| 0:50.7 | Love it. |
| 0:51.5 | One of the most popular packages for developers to get their apps, |
| 0:55.3 | front end or back end, to communicate, suffered a supply chain attack. |
| 1:00.2 | This is what Tom was talking about at the top. |
| 1:02.2 | How did they do this? |
| 1:03.2 | Well, I'm going to hand it over to Tom because he's the one that did some deep, |
| 1:06.0 | deep learning on this because it is very developer focused. |
| 1:09.6 | Yes. |
| 1:10.6 | Jason prompted my deep learning package. |
| 1:14.6 | So, and security professionals, we are going to simplify some things here. |
| 1:20.0 | So do forgive it, but I think this is mostly going to give people the accurate permission |
| 1:24.7 | or accurate impression. |
| 1:26.3 | And you should go dig into it more |
| 1:28.8 | if you are affected. An attacker compromised the maintainer account of the lead maintainer of the |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Tom Merritt, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Tom Merritt and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.