Hi everyone, I wanted to let you know that we’re aware of the recent security incident involving the axios npm package.
After review, we can confirm that our systems were not affected, as we do not use the compromised versions (1.14.1 or 0.30.4), nor do our dependencies.
We were also able to confirm that no customers were manually importing these exploited versions through our Lambda functions.
We take supply chain security seriously and continuously monitor and review the third-party libraries we rely on. We’ll continue to follow best practices to ensure the safety of our platform and our users.