www.stepsecurity.io 4/6/2026, 4:01:36 PM

StepSecurity spots massive axios npm attack before public reveal


StepSecurity's AI Package Analyst and Harden-Runner detected the compromise of axios, described as the largest npm supply chain attack on a single package by download count, before it was publicly disclosed. The attacker, assessed to be a state-sponsored actor, deleted GitHub issues to suppress warnings, and a community call held at midnight drew 200 attendees.

The alert came after the compromised axios versions 1.14.1 and 0.30.4 were flagged on indicators such as an undocumented dependency and an internal version string that did not match the published package version, and Harden-Runner identified an anomalous outbound connection from CI/CD runners installing the package to the command-and-control domain sfrclak[.]com.
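As an added illustration of the three indicators named above, the following Python runs each check over constructed sample data. It is not StepSecurity's, Harden-Runner's, or axios's code. The manifests, the added dependency name "example-helper-lib", the egress log format and the allowlist are all made up for the example; the only assumption about axios itself is that it ships an internal VERSION constant (at lib/env/data.js) that a release built from the tagged source tree keeps in step with package.json.

```python
import json
import re

# Constructed sample data (not the real axios manifests): package.json of the
# last known-good release and of a newly published one. The added dependency
# name "example-helper-lib" is hypothetical.
PREVIOUS_MANIFEST = json.dumps({
    "name": "axios",
    "version": "1.14.0",
    "dependencies": {
        "follow-redirects": "^1.15.6",
        "form-data": "^4.0.4",
        "proxy-from-env": "^1.1.0",
    },
})
NEW_MANIFEST = json.dumps({
    "name": "axios",
    "version": "1.14.1",
    "dependencies": {
        "follow-redirects": "^1.15.6",
        "form-data": "^4.0.4",
        "proxy-from-env": "^1.1.0",
        "example-helper-lib": "^1.0.0",
    },
})
# Constructed: contents of the package's internal version file (axios keeps one
# at lib/env/data.js). A tarball whose package.json was bumped without being
# rebuilt from the tagged source leaves the two out of step.
INTERNAL_VERSION_FILE = 'export const VERSION = "1.14.0";'

# Constructed CI-runner egress log in a made-up format. The C2 domain is written
# defanged, as on the page.
SAMPLE_EGRESS_LOG = """\
2026-04-03T22:14:02Z npm[4312] connect tcp registry.npmjs.org:443
2026-04-03T22:14:03Z npm[4312] connect tcp registry.npmjs.org:443
2026-04-03T22:14:05Z node[4377] connect tcp sfrclak[.]com:443
2026-04-03T22:14:06Z git[4401] connect tcp github.com:443
"""
# Hypothetical allowlist of destinations an install step is expected to reach.
EGRESS_ALLOWLIST = {"registry.npmjs.org", "github.com", "api.github.com"}


def undocumented_dependencies(previous_manifest: str, new_manifest: str) -> list[str]:
    """Dependencies declared by the new release that the previous release did not have."""
    before = set(json.loads(previous_manifest).get("dependencies", {}))
    after = set(json.loads(new_manifest).get("dependencies", {}))
    return sorted(after - before)


_VERSION_RE = re.compile(r'VERSION\s*=\s*["\']([^"\']+)["\']')


def internal_version_mismatch(manifest: str, version_file: str) -> bool:
    """True when package.json's version differs from the version string compiled
    into the package's own source; a missing internal version counts as a mismatch."""
    declared = json.loads(manifest)["version"]
    match = _VERSION_RE.search(version_file)
    if match is None:
        return True
    return match.group(1) != declared


_CONNECT_RE = re.compile(r"connect\s+tcp\s+(\S+):\d+$")


def unexpected_egress(log: str, allowlist: set[str]) -> list[str]:
    """Destinations contacted during the install step that are not on the allowlist."""
    seen = set()
    for line in log.splitlines():
        m = _CONNECT_RE.search(line)
        if m and m.group(1) not in allowlist:
            seen.add(m.group(1))
    return sorted(seen)


if __name__ == "__main__":
    print("undocumented deps:", undocumented_dependencies(PREVIOUS_MANIFEST, NEW_MANIFEST))
    print("internal version mismatch:", internal_version_mismatch(NEW_MANIFEST, INTERNAL_VERSION_FILE))
    print("unexpected egress:", unexpected_egress(SAMPLE_EGRESS_LOG, EGRESS_ALLOWLIST))
```

The dependency diff and version comparison need only the registry metadata and the unpacked tarball, so they can run before anything from the package executes; the egress check is the after-the-fact signal, which is why an allowlist of expected install-time destinations has to exist ahead of time for it to be useful.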

The detection prompted rapid action: publishing a threat centre alert, notifying enterprise customers, and reporting the compromised versions to npm and to the axios maintainers' GitHub repository. There the attacker, using the maintainer's accounts, deleted the warning issues roughly 20 times. The post, dated 6 April 2026, notes the scale of exposure: axios is a widely used HTTP client with over 100 million weekly downloads, and more than 17 million repositories and 240 thousand packages depend on it.

The report attributes the campaign to a North Korean threat actor, with attribution to UNC1069 by Google’s Threat Intelligence Group and to Sapphire Sleet by Microsoft Threat Intelligence, describing the operation as highly coordinated rather than opportunistic.


Article by CyberSIXT