Attack on axios software developer tool threatens widespread compromises
A hacker briefly delivered malware this week through a popular open-source project for software developers that has an estimated 100 million weekly downloads, raising the possibility of compromises spreading widely through a supply-chain attack.
Axios is a JavaScript client library used in web requests. The unknown attacker hijacked the npm account — npm being a package manager for JavaScript — of the lead axios maintainer, and then published malicious versions of axios with remote access trojans to npm. That happened on Sunday night going into Monday morning, cybersecurity firm Huntress said, before the poisoned versions were pulled.
Aikido, another security firm, called it “one of the most impactful npm supply chain attacks on record.” Researchers at a large number of cyber companies have sounded alarms about the attack, including Step Security, Socket, Endor Labs and others.
According to Step Security, the malicious “axios@1.14.1” and “axios@0.30.4” versions inject a new software dependency, plain-crypto-js@4.2.1, that acts as a loader for the malware. It targets MacOS, Windows and Linux devices.
But, while the researchers describe it as malware, they note that “there are zero lines of malicious code inside axios itself.” Rather, the software is simply functioning as designed — or redesigned.
“Both poisoned releases inject a fake dependency… never imported anywhere in the axios source, whose sole purpose is to run a [post installation] script that deploys a cross-platform remote access trojan,” wrote Ashish Kurmi, chief technology officer and founder of Step Security.
Feross Aboukhadijeh, CEO and founder of Socket, called the situation “a live compromise” with a wide potential blast radius.
“This is textbook supply chain installer malware,” Aboukhadijeh wrote on X Monday evening, adding about the malicious versions that “Every npm install pulling the latest version is potentially compromised right now.”
The software package pulled in by the malicious versions of axios has embedded payloads that evade static cybersecurity analysis methods and confound human reviewers, and deletes and renames artifacts to destroy forensic evidence.
Aboukhadijeh gave blunt advice for anyone who had downloaded or used axios in the past week at least.
“If you use axios, pin your version immediately and audit your lockfiles,” he wrote. “Do not upgrade.”
Kurmi described the attack as “precision,” noting that the malicious dependency was staged less than 24 hours in advance and both malicious versions were poisoned within the same hour.
Given the timeframe during which the malicious axios versions were online, that could translate into approximately 600,000 downloads, said Joshua Wright, SANS Institute faculty fellow and senior technical director at Counter Hack Innovations.
“That’s a large number of compromises, and as soon as you install the software, it scrapes access credentials, and so now threat actors could pivot to AWS, other GitHub packages through scraped GitHub keys, and that’s the part that’s really difficult to articulate,” he told CyberScoop, warning that the fallout could stretch for weeks. “We’re going to see more and more stories about people that realize they’ve gotten breached, as today they’re trying to figure out what the impact is of that.”
The attack follows closely on the heels of other cases of developer-oriented targeting.
Google Threat Intelligence Group said the attack wasn’t related to the recent TeamPCP attacks, however, instead saying it had attributed the axios attack to a suspected North Korean hacking group it labels UNC1069.
“Korean hackers have deep experience with supply chain attacks, which they’ve historically used to steal cryptocurrency,” said John Hultquist, the unit’s chief analyst. “The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts.”
This story was updated March 31, 2026, with comments from Google Threat Intelligence Group.
