www.microsoft.com 4/1/2026, 10:17:59 PM

Mitigating the Axios npm supply chain compromise


On March 31, 2026, two malicious Axios npm package updates, 1.14.1 and 0.30.4, were identified after they connected to a command-and-control (C2) server to download a second-stage remote access trojan (RAT); Microsoft Threat Intelligence attributes the infrastructure to Sapphire Sleet. The attack relied on a fake dependency, plain-crypto-js@4.2.1, pulled in via an install-time hook that runs during npm installation or update, while Axios's own runtime code was left untouched.

The second stage employed OS‑specific payloads on macOS, Windows and Linux, including a macOS binary, a Windows PowerShell and VBScript downloader, and a Linux Python payload, all orchestrated from a single C2 domain, sfrclak[.]com, on port 8000. Microsoft Defender for Endpoint and Microsoft Defender for Cloud detected and blocked the activity, while the report details post‑execution cleanup such as removing the loader and renaming the manifest to hide the install hook.

Organisations are advised to rotate secrets, downgrade Axios to safe versions, and disable auto‑updates, according to Microsoft Threat Intelligence and Microsoft Defender Security Research Team.


Article by CyberSIXT