MALICIOUS versions of the Axios NPM package were distributed in a North Korean‑linked supply chain attack, with two backdoored releases published to the NPM registry just after midnight on 31 March 2026 and removed roughly three hours later, during which time around 3% of Axios users downloaded them.
The attackers used a long‑lived NPM access token to publish the backdoor directly via the NPM CLI, bypassing the GitHub Actions OIDC publishing workflow, and compromised the account of @jasonsaayman, the primary Axios maintainer, to enable the operation.
The backdoored releases pulled in a phantom dependency, plain-crypto-js: the package was first published 18 hours before the attack, apparently to establish a publishing history, while the malicious version of the dependency was published about 20 minutes before the first backdoored Axios release, and the second backdoored release followed 39 minutes later.
Security researchers attribute the incident to North Korean threat actors, with Google Threat Intelligence Group confirming UNC1069 as the tracked actor; Elastic notes overlaps with WaveShaper, attributed to UNC1069. Downstream, users are advised to remove the malicious packages, audit dependencies, rotate credentials, and scan for platform-specific malware artifacts. According to Huntress and others, the attack demonstrates a scalable, highly staged effort that leverages trust in widely used code.
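The dependency audit recommended above, as an added example that is not code from the report, from the Axios project, or from any of the vendors named: the Python script below walks an npm package-lock.json (both the lockfileVersion 1 nested format and the v2/v3 flat "packages" map) and reports every install of plain-crypto-js, the dependency named above, as well as any Axios entry whose version string is on a blocklist. The report does not give the backdoored Axios version numbers, so the two Axios versions in BLOCKLIST are labelled placeholders, and the two lockfiles embedded in the script are constructed samples.

```python
"""Audit an npm lockfile for dependencies named in a supply-chain advisory.

Added example, not part of the original report or the Axios project. The
package name plain-crypto-js comes from the incident report; the Axios
version strings in BLOCKLIST are PLACEHOLDERS (the report does not list them)
and must be replaced with the versions from the advisory before real use.
"""
from __future__ import annotations

import json
import sys
from typing import Iterator

# name -> set of affected versions, or None meaning "any version is bad".
BLOCKLIST = {
    "plain-crypto-js": None,                                  # named in the report
    "axios": {"0.0.0-PLACEHOLDER-1", "0.0.0-PLACEHOLDER-2"},  # placeholders
}

# Constructed sample: lockfileVersion 3 (flat "packages" map keyed by path).
SAMPLE_LOCKFILE_V3 = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"axios": "^1.0.0"}},
        "node_modules/axios": {"version": "0.0.0-PLACEHOLDER-1",
                               "dependencies": {"plain-crypto-js": "*"}},
        "node_modules/plain-crypto-js": {"version": "1.0.0"},
        "node_modules/follow-redirects": {"version": "1.15.6"},
        "node_modules/@types/node": {"version": "20.0.0"},
    },
})

# Constructed sample: lockfileVersion 1 (nested "dependencies" tree).
SAMPLE_LOCKFILE_V1 = json.dumps({
    "name": "legacy-app",
    "lockfileVersion": 1,
    "dependencies": {
        "axios": {"version": "1.6.0",
                  "dependencies": {"plain-crypto-js": {"version": "1.0.0"}}},
        "follow-redirects": {"version": "1.15.6"},
    },
})


def _name_from_path(path: str) -> str:
    """'node_modules/a/node_modules/@s/b' -> '@s/b' (scoped names keep their slash)."""
    return path.rsplit("node_modules/", 1)[-1]


def iter_packages(lock: dict) -> Iterator[tuple[str, str, str]]:
    """Yield (install path, package name, resolved version) for every package."""
    packages = lock.get("packages")
    if isinstance(packages, dict):  # lockfileVersion 2 or 3
        for path, entry in packages.items():
            if path == "":  # the root project itself, not a dependency
                continue
            name = entry.get("name") or _name_from_path(path)
            yield path, name, entry.get("version", "")
        return

    def walk(deps: dict, prefix: str) -> Iterator[tuple[str, str, str]]:
        for name, entry in deps.items():
            path = f"{prefix}node_modules/{name}"
            yield path, name, entry.get("version", "")
            yield from walk(entry.get("dependencies", {}), path + "/")

    yield from walk(lock.get("dependencies", {}), "")  # lockfileVersion 1


def audit_lockfile(text: str, blocklist: dict = BLOCKLIST) -> list[dict]:
    """Return one finding per installed package that matches the blocklist."""
    findings = []
    for path, name, version in iter_packages(json.loads(text)):
        if name not in blocklist:
            continue
        bad_versions = blocklist[name]
        if bad_versions is None:
            reason = "package is itself malicious; remove it at any version"
        elif version in bad_versions:
            reason = "version is listed as backdoored; pin a clean release"
        else:
            continue
        findings.append({"path": path, "name": name,
                         "version": version, "reason": reason})
    return findings


if __name__ == "__main__":
    # Usage: python audit_lockfile.py [path/to/package-lock.json]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOCKFILE_V3
    for f in audit_lockfile(text):
        print(f"{f['path']} ({f['name']}@{f['version']}): {f['reason']}")
```

A non-empty result is a signal to remove the flagged packages, reinstall from a clean lockfile, and rotate any credentials the affected environment could reach, as the advice above describes; an empty result only shows that the lockfile does not reference the listed packages, not that the installed node_modules tree matches it.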