Axios npm Package Compromised in Major Supply Chain Attack Deploying Cross-Platform RAT

The widely used axios HTTP client library — one of the most depended-upon packages in the npm ecosystem with over 83 million weekly downloads — was compromised in a supply chain attack on March 30, 2026. Two malicious versions, axios@1.14.1 and axios@0.30.4, were published using hijacked maintainer credentials and included a hidden dependency that silently installs a cross-platform remote access trojan (RAT).
What Happened
At 23:59 UTC on March 30, a malicious package called plain-crypto-js@4.2.1 was published to npm. Within 39 minutes, the two compromised axios versions were published, poisoning both release branches. The malicious versions were published outside the normal Axios CI/CD pipeline — no corresponding GitHub tag exists for either release.
Socket's automated malware detection flagged the suspicious package at 00:05:41 UTC on March 31, just six minutes after publication.
How the Attack Works
The compromised axios versions inject plain-crypto-js@4.2.1 as a new dependency. This package is never imported anywhere in the axios source code. Its sole purpose is to execute a postinstall script that acts as a RAT dropper targeting macOS, Windows, and Linux.
The malware uses a custom two-layer obfuscation scheme:
- Layer 1 — Reversed Base64 with underscore replacement
- Layer 2 — XOR cipher using the key OrDeR_7077 and the constant 333
Within two seconds of running npm install, the malware was already calling home to the attacker's command-and-control server — before npm had even finished resolving the rest of the dependency tree.
Malware Capabilities
The deployed RAT is capable of:
- Executing arbitrary commands on infected machines
- Exfiltrating system data and credentials
- Persisting across reboots with platform-specific mechanisms
- Delivering additional payloads based on the target operating system
Security researcher Joe Desimone from Elastic Security reverse-engineered the macOS second-stage binary, confirming its full RAT capabilities.
Root Cause
Axios maintainers revealed a key security gap: "continued use of a long-lived npm token alongside trusted publishing" likely enabled the unauthorized access. The attacker was able to publish new versions directly to npm without going through the project's GitHub Actions workflow.
Who Is Affected
Anyone who installed or updated to axios@1.14.1 or axios@0.30.4 during the roughly 39-minute window the packages were live on npm should consider their machine compromised. The malicious versions, along with plain-crypto-js, have been removed from npm.
What You Should Do
- Check your lockfile for axios@1.14.1, axios@0.30.4, or plain-crypto-js as a dependency
- Roll back to safe versions: axios@1.14.0 or axios@0.30.3
- Rotate credentials if you installed either compromised version
- Scan your system for indicators of compromise
- Pin dependency versions and enable lockfile auditing in your CI/CD pipeline
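The lockfile check above, as an added example (not code from Socket or the axios project): a Python script that scans a package-lock.json for the two compromised axios versions or for plain-crypto-js at any version, handling both the v1 nested "dependencies" layout and the v2/v3 flat "packages" map. The embedded lockfile is constructed for the demonstration.

```python
import json

# Package/version pairs named in the advisory above, plus the dropper,
# which was never a legitimate axios dependency at any version.
COMPROMISED = {("axios", "1.14.1"), ("axios", "0.30.4")}
DROPPER = "plain-crypto-js"

def _walk_v1(deps, path, out):
    """Recurse through a lockfileVersion 1 nested 'dependencies' tree."""
    for name, meta in (deps or {}).items():
        here = path + [name]
        out.append((name, meta.get("version", ""), "/".join(here)))
        _walk_v1(meta.get("dependencies"), here, out)

def iter_packages(lock):
    """Return (name, version, location) for every package in a parsed
    package-lock.json, covering the v2/v3 flat 'packages' map and v1."""
    found = []
    for loc, meta in lock.get("packages", {}).items():
        if not loc:
            continue  # "" is the root project itself, not a dependency
        # "node_modules/a/node_modules/b" -> "b"; scoped names keep "@s/"
        name = meta.get("name") or loc.rsplit("node_modules/", 1)[-1]
        found.append((name, meta.get("version", ""), loc))
    if not found:
        _walk_v1(lock.get("dependencies"), [], found)
    return found

def find_compromised(lock_text):
    """Return sorted (name, version, location) hits for the bad axios
    versions or for the dropper package appearing anywhere in the tree."""
    hits = []
    for name, version, loc in iter_packages(json.loads(lock_text)):
        if (name, version) in COMPROMISED or name == DROPPER:
            hits.append((name, version, loc))
    return sorted(hits)

# Constructed sample lockfile (v3 layout) with one bad axios and the
# dropper it pulls in; not a real lockfile from the incident.
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "version": "1.0.0"},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/axios/node_modules/plain-crypto-js": {"version": "4.2.1"},
        "node_modules/follow-redirects": {"version": "1.15.6"},
    },
})
```

Against a real project, pass the contents of package-lock.json to find_compromised; an empty list means neither the bad versions nor the dropper are present in the tree.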
Broader Implications
This incident marks another high-profile reminder of the fragility of the npm supply chain. Axios is used across frontend frameworks, backend services, and enterprise applications worldwide. The speed of detection — six minutes — demonstrates that automated security monitoring is no longer optional for the open-source ecosystem.
Andrej Karpathy, who was among the first to flag the incident on social media, noted he found a related compromised import on his own system from a recent experiment, underscoring how quickly these attacks can spread through dependency chains.
Source: Socket