Decorative background

The 2026 Axios npm supply chain attack: What you need to know as a developer

A&D Forensics ad: "The 2026 Axios NPM Supply Chain Attack" with a hooded hacker on a laptop and code screens.

The 2026 Axios npm supply chain attack: What you need to know as a developer

The axios npm supply chain attack on March 31, 2026, brought a wake-up call for the JavaScript ecosystem. The attack didn’t just expose a vulnerability, it shattered foundational assumptions about open-source trust. If you or your team uses Node.js, ignoring this isn’t an option. Understanding how attackers weaponized a 100M+ weekly download library is the first step to defending against the same tactics.

Multiple threat intelligence firms including Google Threat Intelligence Group (GTIG), ThreatBook, and Mandiant have attributed the attack to state-sponsored threat actors (linked to North Korea’s Lazarus Group via UNC1069). The attackers orchestrated a multi-stage, cross-platform RAT (Remote Access Trojan) deployment. This wasn’t a typo-squatting fluke, and their goal was to turn developers’ trust in the npm registry into a backdoor. Let’s unpack what went down.

The Axios Compromise: Timeline and Tactics

Between 00:21 and 03:20 GMT, two malicious versions of axios 1.14.1 and 0.30.4 were published. Here’s the catch: the attacker didn’t modify the core library. Instead, they injected a decoy dependency: plain-crypto-js@4.2.1.

  • Step 1: A compromised maintainer account (jasonsaayman) with a long-lived npm token bypassed GitHub Actions CI/CD workflows and published the malicious axios versions directly via the npm CLI.
  • Step 2: When a developer ran npm install for the compromised versions, the malicious postinstall hook in plain-crypto-js triggered an obfuscated dropper script (setup.js).
  • Step 3: The dropper used a two-layer obfuscation (Base64 + XOR cipher OrDeR_7077) to hide its C2 server: sfrclak[.]com:8000.
  • Step 4: The dropper delivered platform-specific payloads:
    • macOS: A Mach-O binary masquerading as a system daemon (/Library/Caches/com.apple.act.mond).
    • Windows: PowerShell scripts in %PROGRAMDATA%\\wt.exe, executed via VBScript.
    • Linux: A Python backdoor (/tmp/ld.py) running under nohup.

Anti-forensic tactics:

The malware deleted its own setup.js and replaced package.json with a clean version.

Persistent Remote Access:

The installed RAT beacons to the C2 server every 60 seconds via HTTP POST, collecting system fingerprinting data. It supports commands including peinject (deploy additional payloads), runscript (execute arbitrary shell commands), rundir (enumerate filesystem), and kill (terminate the RAT).

Why This Was a Catastrophic Breach

Think you’re safe by checking your lockfile? Think again. Here’s why the potential impact is massive:

  1. 1.Semver Ranges: Most projects use "axios": "^1.13.5", which auto-updates to 1.14.1 during npm install.
  2. 2.npx and CLI Tools: CI pipelines and tools like Nx could pull in the compromised version without explicit dependencies.
  3. 3.Cascading Exposure: With 174K+ dependent packages, the malware spread downstream into pipelines, servers, and prod environments.

Immediate Action: Detection and Mitigation

If you ran npm install between 00:21 and 03:20 GMT, treat your systems as fully compromised. Run these checks NOW!:

# Check for vulnerable axios versionsnpm list axios | grep -E "1.14.1|0.30.4"# Scan lockfilesgrep -A1 '"axios"' package-lock.json | grep -E "1.14.1|0.30.4"# Confirm presence of decoy dependencyls node_modules/plain-crypto-js && echo "INFECTED"

If affected:

  1. 1.Wipe and rebuild from clean snapshots; no partial cleanup.
  2. 2.Rotate all credentials (npm tokens, cloud keys, CI/CD secrets, SSH keys).
  3. 3.Block C2 server traffic:

iptables -A OUTPUT -d "142.11.206.73" -j DROP

  1. 1.Audit downstream systems that might’ve consumed compromised artifacts.

Safe Versions & Long-Term Resilience

Stick to axios@1.14.0 (1.x branch) or axios@0.30.3 (0.x bramch). But for long-term, address systemic flaws:

For Developers & Teams:

  • Lockfiles are non-negotiable: Commit package-lock.json to version control.
  • Ban long-lived npm tokens: Rotate them monthly and enforce expiration policies.
  • SCA Tools: Use ones that flag obfuscated scripts and suspicious postinstall hooks.

For Organizations:

  • Adopt trusted publishing (OIDC) instead of long-lived tokens.
  • Implement dependency review gates in CI/CD for human approval.
  • Build private npm mirrors for vetted packages.
  • Conduct regular supply chain audits covering maintainer access and token inventory.

Conclusion

The Axios attack isn’t just a technical incident. It’s a blueprint for how state-sponsored actors weaponize open-source infrastructure. Your next move? Act like it matters. Supply chain security isn’t about checking boxes, you must assume every npm install is a potential breach vector. Start treating it that way.

How Can A&DForensics Cybersecurity Arm Help You?

At A&DForensics, we specialize in post-compromise investigations and supply chain hardening. If you’re unsure whether your systems were impacted, or need to rebuild securely, reach out. The cost of inaction can lead to millions in breach response, lost trust, and irreparable damage.

Contributor: Galadima Danladi

Read latest articles