The widely used Axios npm package, a JavaScript library that enables applications to make HTTP/S requests and is included as a dependency in millions of applications, was compromised in a supply chain attack on March 31, 2026 (UTC).
Between ~00:21 and ~03:30 UTC, malicious versions (axios@1.14.1 and axios@0.30.4) were published using a compromised maintainer account, each silently including a malicious dependency (plain-crypto-js@4.2.1) containing a postinstall script that functioned as a cross-platform remote access trojan (RAT). Once installed, the script would automatically execute, contacting a command-and-control server to fetch and deploy platform-specific payloads on macOS, Windows, and Linux systems.
The threat actor pre-staged the attack the day prior by creating a throwaway npm account and publishing a decoy package (plain-crypto-js@4.2.0) to appear legitimate, followed by the malicious version of plain-crypto-js. The malicious Axios versions were live for ~3 hours before npm removed them, putting users who installed them during that window at risk.
Assessment
This compromise is particularly significant because Axios is a widely used library and is often included as a transitive dependency across millions of applications. Organizations that install npm packages in CI/CD pipelines may have automatically pulled the malicious versions into build environments during the ~3-hour window. Even systems that did not directly install Axios could be indirectly impacted if another package in the environment depended on the compromised versions, highlighting the broader downstream risk across modern JavaScript ecosystems. While this attack occurred shortly after the recent TeamPCP supply chain campaign, there is no indication at the time of writing that the two incidents are related.
Arctic Wolf has Managed Detection and Response detections in place that apply to activities observed in this campaign and will continue to notify customers when new instances of this threat are observed.
Recommendations
Revert to Known-Safe Versions
Immediately revert Axios to a known safe version: axios@1.14.0 for 1.x users or axios@0.30.3 for 0.x users if your environment pulled or used impacted versions during the ~3-hour window. Ensure all packages are installed from the official npm registry and verify integrity using npm’s built-in package hashes.
Clear caches, lockfiles, and any CI/CD artifacts that may have pulled the malicious versions, then reinstall dependencies in a clean environment to prevent lingering compromise.
Rotate Credentials
All credentials potentially exposed during the compromise should be considered at risk if they were used in or accessed by environments where the malicious versions of Axios were installed during the ~3-hour window. Rotate repository secrets, GitHub Actions tokens, API keys, and any other credentials used in these projects or build pipelines.
Proactive npm Security Recommendations
To help mitigate risks from future supply chain attacks like the recent Axios compromise, we recommend implementing the following npm safeguards in your environments:
- Enforce a short quarantine on new package versions – Run npm config set min-release-age 3 to delay installation of newly published packages by 72 hours. This provides a safe timeframe for the community and maintainers to detect and remove malicious releases before they reach your environment, as most supply chain attacks have historically been addressed within this period.
- Limit execution of potentially malicious scripts in CI/CD – Use the --ignore-scripts flag in build pipelines where possible. This prevents lifecycle scripts, such as the postinstall script used in this attack, from executing automatically, reducing the risk of hidden malware running during automated builds or deployments.
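As an added check (not code from Arctic Wolf or the Axios project), the following Node.js script audits a parsed package-lock.json in the lockfile v2/v3 layout for the versions named in this bulletin, including nested copies of axios pulled in transitively by another package; the sample lockfile is constructed for the demo.

```javascript
// Added example, not Arctic Wolf's or Axios's own code: audit a parsed
// package-lock.json (lockfile v2/v3 "packages" map) before reverting and reinstalling.

// Indicators from the bulletin.
const BAD_AXIOS = new Set(['1.14.1', '0.30.4']);
const ATTACKER_PACKAGE = 'plain-crypto-js'; // published from the attacker's throwaway account

// Package name from a lockfile "packages" key, e.g.
// "node_modules/some-sdk/node_modules/axios" -> "axios" (scoped names keep their scope).
function nameFromPath(p) {
  const i = p.lastIndexOf('node_modules/');
  return i === -1 ? p : p.slice(i + 'node_modules/'.length);
}

// One finding per affected entry; an empty array means the lockfile never
// resolved the compromised releases. Nested copies are checked too.
function findCompromised(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    const name = nameFromPath(path);
    if (name === 'axios' && BAD_AXIOS.has(meta.version)) {
      findings.push({ path, version: meta.version, reason: 'malicious axios release' });
    } else if (name === ATTACKER_PACKAGE) {
      findings.push({ path, version: meta.version, reason: 'dependency published by the attacker' });
    }
  }
  return findings;
}

// Constructed sample: the top-level axios is clean, but a nested copy is not.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.0' },
    'node_modules/some-sdk': { version: '2.0.0' },
    'node_modules/some-sdk/node_modules/axios': { version: '1.14.1' },
    'node_modules/plain-crypto-js': { version: '4.2.1' },
  },
};

for (const h of findCompromised(SAMPLE_LOCK)) console.log(`${h.path}@${h.version}: ${h.reason}`);
```

To run it against a real project, pass the result of JSON.parse on its package-lock.json to findCompromised; any finding means the build environment should be treated as exposed and the credential rotation above applies.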
Install Arctic Wolf Agent & Sysmon
Installing Arctic Wolf Agent and Sysmon provides Arctic Wolf with the visibility needed to detect the activity outlined in this bulletin.
- For instructions on how to install Arctic Wolf Agent, see the below install guides:
- If you have a supported EDR solution deployed in your environment, please configure it for monitoring with Arctic Wolf.
Note: Arctic Wolf recommends following change management best practices for deploying Agent and Sysmon, including testing changes in a testing environment before deploying to production.