Two malicious versions of axios were published on npm, compromising the security of many users. The attack was detected shortly after it began.