@usebruno/cli

Axios npm Supply Chain Incident Impacting @usebruno/cli ### **Impact** This is a **supply chain attack** involving compromised versions of the `axios` npm package, which introduced a hidden dependency deploying a cross-platform Remote Access Trojan (RAT). Users of **@usebruno/cli** who ran `npm install` between **00:21 UTC and ~03:30 UTC on March 31, 2026** may have been impacted. Potential impact includes: * Execution of a malicious `postinstall` script * Remote Access Trojan (RAT) installation * Exfiltration of credentials and sensitive data *