
Inside the Axios supply chain compromise - one RAT to rule them all

Incident status: closed. Dates: Mar 31, 2026 to Mar 31, 2026.

Elastic Security Labs reports that an attacker seized control of the axios npm maintainer account. The actor published two poisoned versions, axios@1.14.1 and axios@0.30.4, which pulled in a malicious transitive dependency and deployed a cross‑platform remote access tool (RAT) on Windows, macOS and Linux systems.

As detailed by Huntress, the rogue packages depend on plain‑crypto‑js@4.2.1, whose postinstall script contacts sfrclak[.]com:8000 to fetch a stage‑2 implant for each operating system. These implants constitute a single cross‑platform RAT that uses an identical command‑and‑control protocol and beacon interval. No CVE identifiers have been assigned to the campaign yet.

The implant is fetched through a Node.js process that spawns an OS‑native binary, runs it in memory and then beacons to the attacker’s server every few minutes. The threat actor abused a GitHub Actions OIDC token to push the malicious versions, and the compromised axios line normally records about one hundred million weekly downloads.

Elastic Security Labs observed the activity in real time, filed a GitHub Security Advisory on 31 March 2026 to coordinate disclosure, and has not attributed the intrusion to any known threat actor. Telemetry from multiple customers shows the RAT beaconing, highlighting the breach of trust in a library that underpins countless web projects.

The incident revives concerns over compromised maintainer accounts and the danger of transitive dependencies, echoing earlier supply‑chain events such as the event‑stream compromise. Security teams should treat any unexpected installation of plain‑crypto‑js as a potential indicator of compromise and monitor for HTTP traffic to the hardcoded domain sfrclak[.]com:8000.

Defenders should audit package‑lock files for the specific axios versions 1.14.1 and 0.30.4, remove any matches, and scrutinise node_modules for plain‑crypto‑js@4.2.1. They should also hunt for outbound connections to sfrclak[.]com:8000, inspect running processes for unfamiliar binaries launched from npm post‑install scripts and apply the detection rules that Elastic Security Labs has released for this campaign.
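One way to run the lockfile audit described above, as an added example that is not code from Elastic, Huntress or the axios project; it assumes an npm lockfile v2/v3 layout (the flat "packages" map) and runs against a constructed sample lockfile:

```javascript
// Added example, not code from Elastic, Huntress or the axios project: flag
// the package versions named in this incident inside a package-lock.json
// (lockfile v2/v3 "packages" map) and list every dependency that npm
// recorded as carrying an install script. Sample lockfile is constructed.
const KNOWN_BAD = {
  axios: new Set(['1.14.1', '0.30.4']),
  'plain-crypto-js': new Set(['4.2.1']),
};

// Keys look like "node_modules/foo/node_modules/@scope/bar"; the package
// name is whatever follows the last "node_modules/". meta.name covers aliases.
function packageName(path, meta) {
  const marker = 'node_modules/';
  return meta.name || path.slice(path.lastIndexOf(marker) + marker.length);
}

// Return [{ name, version, where }] for every entry matching KNOWN_BAD,
// including nested copies installed under another dependency.
function auditLockfile(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // the root project entry, not a dependency
    const name = packageName(path, meta);
    if (KNOWN_BAD[name] && KNOWN_BAD[name].has(meta.version)) {
      hits.push({ name, version: meta.version, where: path });
    }
  }
  return hits;
}

// npm sets hasInstallScript on packages with (pre/post)install hooks; those
// are the entries whose install-time behaviour deserves a manual look.
function packagesWithInstallScripts(lock) {
  return Object.entries(lock.packages || {})
    .filter(([path, meta]) => path !== '' && meta.hasInstallScript)
    .map(([path]) => path);
}

// Constructed sample lockfile so the block runs stand-alone.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.1' },
    'node_modules/plain-crypto-js': { version: '4.2.1', hasInstallScript: true },
    'node_modules/some-lib/node_modules/axios': { version: '1.6.8' },
  },
};
console.log(auditLockfile(SAMPLE_LOCK), packagesWithInstallScripts(SAMPLE_LOCK));
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(require('fs').readFileSync('package-lock.json', 'utf8'))`; a non-empty result from auditLockfile is a match on the versions named in this incident, while the install-script list is only a prompt for review.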

Updating axios to a verified safe release (for example 1.7.0 or later) after confirming integrity, enabling immutable lockfiles, enforcing two‑factor authentication on npm accounts, monitoring npm audit alerts and employing software‑supply‑chain provenance tools are practical steps. Continued vigilance for similar anomalous dependency updates will help catch future attacks early.
