On March 31, 2026, the JavaScript ecosystem experienced one of its most dangerous software supply chain attacks. A threat actor compromised the npm account of Axios' lead maintainer and published malicious versions of Axios, a library used by millions of developers worldwide. From that moment, any npm install that resolved to one of the poisoned versions pulled in a Remote Access Trojan (RAT) without the developer doing anything unusual.
What Makes This Attack So Serious?
- Axios has approximately 100 million weekly downloads
- It is used in web apps (React, Vue, Angular), backend APIs (Node.js), mobile apps (React Native), and CI/CD pipelines (Jenkins, GitHub Actions)
- It is often installed indirectly as a transitive dependency
Even if your team did not install Axios directly, you could still be affected.
What Exactly Happened?
This was a classic supply chain attack, executed with considerable care. Here is the step-by-step breakdown:
- Account Takeover: The attacker gained access to the maintainer's npm account.
- Pre-Attack Setup: Published a benign release ([email protected]) first, so that the publishes which followed looked like routine maintainer activity.
- Malicious Release: Released [email protected] (latest) and [email protected] (legacy), each with a newly added dependency that had no business being there.
- Hidden Payload Execution: That dependency ([email protected]) ran its payload automatically through a postinstall lifecycle script. Installing Axios was enough; no application code had to call it.
- RAT Deployment: The script dropped a cross-platform RAT (SILKBELL / WAVESHAPER.V2) for Windows, macOS, and Linux. It can execute commands, steal credentials, read files, and download additional malware.
- Stealth Mode: The dropper deleted itself after execution and restored the package files so node_modules looked clean afterwards. A clean-looking tree is therefore not evidence that the payload never ran; install logs and the host and network indicators below are.
Affected Versions
Malicious (do not use):
Safe versions:
- [email protected] and below
- [email protected] and below
Attack Window
The attack was active for approximately 3 hours: 00:21 to 03:15 UTC on March 31, 2026. If an install ran during this window and could resolve Axios to a freshly published version (no lockfile, a regenerated lockfile, or a caret range that the new release satisfied), assume compromise. A committed lockfile that still points at a pre-attack version is your evidence that the poisoned package was never fetched.
Why CI/CD Security Failed
The attacker bypassed CI/CD pipelines entirely by using a stolen npm access token to publish directly to the npm registry. This sidestepped code review, GitHub Actions, security scans, and the build-provenance step a normal release pipeline would perform.
Key red flag: No OIDC/SLSA provenance metadata was present on the malicious versions, whereas legitimate releases normally carry it. You can see this yourself: npm view <package>@<version> dist.attestations prints the attestation for a release built with provenance and nothing for one pushed from a developer or attacker machine with a raw token, and npm audit signatures verifies registry signatures and attestations for every package in an installed tree.
Indicators of Compromise (IOCs)
Search your project for:
- [email protected]
- [email protected]
- plain-crypto-js
Network indicators (block immediately at firewall, DNS, and cloud security groups):
- Domain: sfrclak.com
- IP: 142.11.206.73
File system indicators:
- Windows: %PROGRAMDATA%\wt.exe and %TEMP%\6202033.ps1
- Linux: /tmp/ld.py
- macOS: /Library/Caches/com.apple.act.mond
How to Check If You Are Affected
- Search your lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml) for the malicious versions
- Run: find node_modules -name plain-crypto-js
- Scan developer laptops, CI/CD servers, and build pipelines with your EDR or incident-response tooling, using the file and network indicators above
- Check logs for DNS queries to malicious domains, outbound suspicious traffic, and unknown processes
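A triage script that covers the four checks above, added here as an example and not part of the original post. It takes the indicator values quoted above as given; the project layout, the log format, the function names (scan_project, check_host_iocs, count_network_iocs) and the sample files it creates are all constructed for the demonstration. The Windows file indicators need a PowerShell equivalent and are not covered.

```shell
#!/bin/sh
# Added example, not from the original post: triage for the checks listed
# above. (1) scan a project for the hidden dependency in lockfiles and
# node_modules, (2) check the host for the Linux/macOS dropper paths,
# (3) count log lines that name the C2 domain or IP. Indicator values are
# the ones quoted in the post; everything under "demo" is constructed.

IOC_PKG="plain-crypto-js"
IOC_DOMAIN="sfrclak.com"
IOC_IP="142.11.206.73"

# Escape dots so an indicator can be used as a literal in grep -E.
re_escape() { printf '%s' "$1" | sed 's/\./\\./g'; }

# scan_project DIR: 0 if clean, 1 if the malicious dependency is referenced
# by any lockfile or is physically present under node_modules.
scan_project() {
  proj="$1"; hits=0
  for lock in package-lock.json npm-shrinkwrap.json yarn.lock pnpm-lock.yaml; do
    if [ -f "$proj/$lock" ] && grep -q "$IOC_PKG" "$proj/$lock"; then
      echo "HIT: $lock references $IOC_PKG"
      hits=$((hits + 1))
    fi
  done
  if [ -d "$proj/node_modules" ]; then
    # find also catches nested copies that a top-level ls would miss
    n=$(find "$proj/node_modules" -type d -name "$IOC_PKG" 2>/dev/null | wc -l | tr -d ' ')
    if [ "$n" -gt 0 ]; then echo "HIT: $n installed copy/copies of $IOC_PKG"; fi
    hits=$((hits + n))
  fi
  [ "$hits" -eq 0 ]
}

# check_host_iocs PATH...: 0 if none of the given dropper paths exist.
check_host_iocs() {
  found=0
  for p in "$@"; do
    if [ -e "$p" ]; then echo "HIT: $p present"; found=$((found + 1)); fi
  done
  [ "$found" -eq 0 ]
}

# count_network_iocs LOGFILE: print how many lines mention the C2 domain
# or IP. Feed it resolver, proxy, or VPC flow logs from the attack window.
count_network_iocs() {
  grep -c -E "$(re_escape "$IOC_DOMAIN")|$(re_escape "$IOC_IP")" "$1" || true
}

# --- constructed demo data (not real project files) ---------------------
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir -p "$demo/clean" "$demo/hit/node_modules/$IOC_PKG"
# a lockfile that never saw the malicious release
printf '{"packages":{"node_modules/axios":{"version":"1.14.0"}}}\n' \
  > "$demo/clean/package-lock.json"
# a lockfile where axios pulled in the hidden dependency (shape only)
printf '{"packages":{"node_modules/axios":{"dependencies":{"%s":"*"}},"node_modules/%s":{}}}\n' \
  "$IOC_PKG" "$IOC_PKG" > "$demo/hit/package-lock.json"
# three made-up log lines; two of them touch the C2 infrastructure
printf '%s\n' \
  'Mar 31 01:02:03 resolver query from build-01: sfrclak.com A' \
  'Mar 31 01:02:04 proxy CONNECT 142.11.206.73:443 from build-01' \
  'Mar 31 01:05:00 resolver query from build-01: registry.npmjs.org A' \
  > "$demo/egress.log"

scan_project "$demo/clean" && echo "clean project: no indicators"
scan_project "$demo/hit" || echo "hit project: COMPROMISED, treat as a breach"
check_host_iocs /tmp/ld.py /Library/Caches/com.apple.act.mond && echo "host: no dropper files"
echo "log lines touching C2 infrastructure: $(count_network_iocs "$demo/egress.log")"
```

Run scan_project against every checkout and CI workspace, point count_network_iocs at resolver or egress logs that cover the attack window, and treat a negative node_modules result as weak evidence on its own, since the dropper removes itself after it runs.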
How to Fix It
Immediate fix (this removes the dependency from the tree; it does not undo anything a payload that already ran may have done):
npm install [email protected] --ignore-scripts
rm -rf node_modules/plain-crypto-js
Lock the safe version in package.json overrides so that transitive copies of Axios are forced to it as well (yarn uses the resolutions field and pnpm uses pnpm.overrides for the same purpose):
{
"overrides": {
"axios": "1.14.0"
}
}
If malware executed, treat it as a full breach. Do NOT try to clean the system.
- Isolate affected machines immediately
- Re-image systems from scratch
- Restore from clean backups
- Rotate ALL credentials: AWS/Azure/GCP, GitHub/GitLab, npm tokens, CI/CD secrets, and database credentials
Business Impact
This attack is not just technical. The consequences include credential theft, cloud compromise, intellectual property leaks, supply chain propagation to downstream users, and legal or compliance exposure.
Who Was Behind It?
The attack was attributed by Google Threat Intelligence Group to UNC1069, a North Korea-linked threat actor. This indicates advanced planning, financial motivation, and nation-state level sophistication.
How to Prevent This in the Future
Short-term (do this now):
- Pin exact versions (1.14.0, not ^1.14.0) and commit your lockfile, so a new publish cannot be picked up silently
- Use npm ci --ignore-scripts in CI; this refuses to run install hooks from every package, so legitimate native builds must be re-run explicitly for an allow-list of packages you have reviewed
- Enable npm audit in your pipeline, with the caveat that it only reports advisories once they are published; during the 3-hour window above it would have stayed silent, so treat it as a backstop rather than a gate
Medium-term:
- Enforce SLSA/OIDC provenance for every package that publishes it (npm audit signatures fails when an attestation is missing or invalid) and track the dependencies that still publish without it
- Use an SBOM (Software Bill of Materials)
- Rotate npm tokens regularly and restrict publish permissions
Advanced:
- Use internal package proxies (Artifactory, Nexus)
- Implement a release cooldown policy (for example min-release-age=3d) so a version is not installed until it has been public for a few days; a malicious release that is pulled from the registry within hours, as this one was, never becomes installable under such a policy
- Integrate tools like Snyk, Trivy, or OSV Scanner into your CI/CD pipeline
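Making npm ci --ignore-scripts workable in practice means knowing which installed packages actually declare install hooks. The script below is an added example, not code from the original post or from the Axios project: it lists every preinstall, install and postinstall hook under a node_modules tree so the packages that legitimately build native code can be allow-listed and re-run on purpose, and anything else can be questioned. The package names and package.json contents are constructed for the demo, and list_install_scripts and count_install_scripts are names chosen here.

```shell
#!/bin/sh
# Added example, not from the original post: enumerate install-time hooks
# in an installed tree. `npm ci --ignore-scripts` suppresses all of them,
# so a team needs this list to decide which ones to re-run deliberately.
# The node_modules tree created under "demo" is constructed for the demo.

# list_install_scripts NODE_MODULES_DIR
# Prints "<package> <hook>" for each preinstall/install/postinstall hook
# declared by a package.json directly under node_modules (depth 3 covers
# @scoped packages; nested node_modules trees need a deeper pass).
# Matching is a textual heuristic on package.json; when a registry
# connection is available, `npm query ':attr(scripts, [postinstall])'`
# gives an exact answer.
list_install_scripts() {
  find "$1" -maxdepth 3 -name package.json | sort | while IFS= read -r pj; do
    pkg=$(dirname "$pj"); pkg=${pkg#"$1/"}
    for hook in preinstall install postinstall; do
      # the leading quote keeps "install" from matching "preinstall"
      if grep -q -E "\"$hook\"[[:space:]]*:" "$pj"; then
        printf '%s %s\n' "$pkg" "$hook"
      fi
    done
  done
}

# count_install_scripts NODE_MODULES_DIR: number of hooks found
# (0 means --ignore-scripts suppressed nothing).
count_install_scripts() {
  list_install_scripts "$1" | wc -l | tr -d ' '
}

# --- constructed demo tree ----------------------------------------------
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
nm="$demo/node_modules"
mkdir -p "$nm/native-addon" "$nm/@scope/tool" "$nm/plain-lib"
# one legitimate native build, one scoped package with a preinstall hook,
# one package with no install hooks at all
printf '{"name":"native-addon","scripts":{"install":"node-gyp rebuild"}}\n' \
  > "$nm/native-addon/package.json"
printf '{"name":"@scope/tool","scripts":{"preinstall":"node setup.js","test":"jest"}}\n' \
  > "$nm/@scope/tool/package.json"
printf '{"name":"plain-lib","scripts":{"build":"tsc"}}\n' \
  > "$nm/plain-lib/package.json"

list_install_scripts "$nm"
echo "hooks that --ignore-scripts would suppress: $(count_install_scripts "$nm")"
```

Put ignore-scripts=true in the project's .npmrc so the setting applies to every install, then re-run the hooks only for the allow-listed packages with npm rebuild <package> and ignore-scripts turned back off for that single command. Any hook that appears in this list and is not on the allow-list is a finding to investigate before the next build.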
Key Lesson for DevOps Engineers
This incident proves one thing clearly: your biggest risk is not your code. It is your dependencies. If you are building or learning DevOps, this is a perfect real-world case study for supply chain security, CI/CD hardening, dependency management, and cloud credential protection.
Even a trusted package like Axios can become an attack vector. Security is no longer optional in DevOps. It is DevOps.
Learn to build secure systems from day one.
Our DevOps Engineering and Cybersecurity programmes cover supply chain security, CI/CD hardening, and cloud credential management.
Enrol Now