Axios maintainer’s post mortem confirms social engineering by UNC1069

The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.