AXIOS, the popular JavaScript HTTP client, has been weaponised in a supply chain attack after attackers hijacked the npm account of its lead maintainer and published two booby‑trapped releases. The malicious versions 1.14.1 and 0.30.4 introduced a fake dependency called plain‑crypto‑js 4.2.1 that executes a postinstall script dropping a cross‑platform remote access trojan. The compromise was first observed on 31 March 2026 and quickly spread to projects that rely on Axios for HTTP requests in both frontend and backend applications. The Hacker News reported the incident.
The rogue package runs a postinstall script that contacts a live command‑and‑control server and delivers platform‑specific second‑stage payloads for Windows, macOS and Linux. Researchers at Elastic Security Labs identified the dropper as a modular RAT capable of gathering system information, executing arbitrary commands and maintaining persistence behind legitimate‑looking processes. The attack abused the trusted npm publish flow: because the releases were pushed with the maintainer’s own credentials (account “jasonsaayman”), the threat actor never had to go through the project’s GitHub Actions CI/CD pipeline. The malware also attempts to erase its tracks by deleting temporary files and altering file timestamps to blend in with normal activity. Elastic has published a full analysis of the dropper.
Huntress researchers noted that the malicious versions were removed from npm shortly after the breach was disclosed, but any system that had already installed them may still carry the backdoor unless it is actively cleaned. They highlighted that the RAT uses obfuscated JavaScript to evade basic signature‑based detection and sends legitimate‑looking user‑agent strings when contacting its server. Depending on the operating system, the malware also creates scheduled tasks or launch daemons to survive reboots. Indicators of compromise, including file hashes and registry keys, are published in the Huntress blog post on the incident.
Defenders should immediately check their package‑lock files for axios versions 1.14.1 or 0.30.4 and remove them or upgrade to a clean release. Organisations are advised to rotate npm tokens and enforce multi‑factor authentication on every account with publishing rights. Monitoring outbound HTTPS connections to unfamiliar domains, especially the ones hard‑coded in the malicious script, can help identify beaconing activity.
Implementing integrity checks such as npm audit, or running a lockfile‑verification tool in CI pipelines, will help prevent similar supply‑chain surprises in the future. Additionally, reviewing the postinstall scripts of any dependency before allowing it to install can catch trojanised packages like this one early.
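One way to perform the lockfile check described above, as an added example (not code from the report or from the Axios project): it flags the two compromised axios releases and the rogue plain‑crypto‑js package, and lists every dependency that declares an install script. It assumes the npm lockfile v2/v3 layout, where `hasInstallScript: true` marks packages with preinstall/install/postinstall scripts; the sample lockfile is constructed for the demonstration.

```javascript
// Added example (not from the original report): scan a package-lock.json for the
// compromised axios releases, the rogue plain-crypto-js dependency, and any
// package that declares an install script (the RAT's delivery vector here).
const COMPROMISED = {
  axios: new Set(['1.14.1', '0.30.4']),
  'plain-crypto-js': new Set(['4.2.1']),
};

// Flatten lockfile v2/v3 ("packages" map) or v1 ("dependencies" tree) into
// {name, version, hasInstallScript} records. v1 does not record install scripts.
function listPackages(lock) {
  const out = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === '') continue; // root project entry
      const name = path.slice(path.lastIndexOf('node_modules/') + 13); // also handles @scope/pkg
      out.push({ name, version: meta.version, hasInstallScript: !!meta.hasInstallScript });
    }
  } else if (lock.dependencies) {
    const walk = (deps) => Object.entries(deps).forEach(([name, meta]) => {
      out.push({ name, version: meta.version, hasInstallScript: false });
      if (meta.dependencies) walk(meta.dependencies);
    });
    walk(lock.dependencies);
  }
  return out;
}

// Returns flagged package@version strings: known-bad releases and install-script packages.
function scanLockfile(lock) {
  const findings = { compromised: [], installScripts: [] };
  for (const p of listPackages(lock)) {
    const id = `${p.name}@${p.version}`;
    if (COMPROMISED[p.name] && COMPROMISED[p.name].has(p.version)) findings.compromised.push(id);
    if (p.hasInstallScript) findings.installScripts.push(id);
  }
  return findings;
}

// Constructed sample lockfile (v3 layout) that pulls in the affected release.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.1', dependencies: { 'plain-crypto-js': '4.2.1' } },
    'node_modules/plain-crypto-js': { version: '4.2.1', hasInstallScript: true },
    'node_modules/follow-redirects': { version: '1.15.6' },
  },
};
console.log(JSON.stringify(scanLockfile(SAMPLE_LOCK)));
```

Run it against a real lockfile by replacing `SAMPLE_LOCK` with the parsed `package-lock.json`; while flagged packages are being reviewed, `npm ci --ignore-scripts` installs the lockfile without executing any install hooks.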