Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Hackers Exploit Axios's 400 Million Monthly Downloads by Compromising npm Package




Attackers have compromised Axios, a popular JavaScript HTTP client used by millions of developers worldwide. The compromise came to light when researchers at Endor Labs found two malicious versions of the package published to the npm registry.

The threat actor gained access by compromising the npm account of Jason Saayman, the main maintainer of Axios. Neither code review nor automated checks caught the release: the malicious versions were pushed straight from the compromised account rather than through the project's automated, OpenID Connect (OIDC)-based publishing flow, so they carried no OIDC-backed origin (provenance) information and had no corresponding commit in the Axios GitHub repository.

The attackers left the Axios source itself untouched. Instead, the malicious versions added a dependency, plain-crypto-js@^4.2.1, to package.json. When that dependency is installed, its postinstall script runs an obfuscated dropper (setup.js) that contacts a command-and-control (C2) server and retrieves a next-stage payload chosen according to the detected operating system.

The attack highlights the need for developers to monitor their dependencies and review what a new release actually pulls in before adopting it. If you use Axios in your projects, pin to axios@1.14.0 (1.x line) or axios@0.30.3 (0.x line), the last known clean releases of the package.

  • Attackers compromised Axios, a popular JavaScript HTTP client used by millions of developers worldwide.
  • The threat actor gained access by compromising the npm account of Axios's main maintainer, Jason Saayman.
  • A malicious dependency injected into package.json runs a postinstall script that contacts a command-and-control server.
  • The payload targets Windows, macOS, and Linux, installing a remote access trojan (RAT) that gives the attackers control of infected hosts.
  • Users are advised to pin to axios@1.14.0 or axios@0.30.3, and to rotate credentials and rebuild environments if a compromise is confirmed.




The attack chain on each platform is as follows:

On Windows, the dropper chains VBScript and PowerShell to open a hidden Command Prompt window and run a malicious script. It copies the PowerShell executable to %PROGRAMDATA%\wt.exe, a renamed copy meant to evade detection and survive reboots, and then downloads and executes a PowerShell script.

On macOS, the dropper uses AppleScript to download a binary to /Library/Caches/com.apple.act.mond, mark it executable, and run it in the background.

On Linux, the dropper fetches a Python-based payload, writes it to /tmp/ld.py, and runs it in the background with nohup so that it outlives the installing shell session.

In every case the final payload is a remote access trojan (RAT) that lets the attackers execute commands and maintain persistence on the infected host. The RAT can fetch a base64-encoded binary, write it to a hidden temporary file and execute it, run shell commands via /bin/sh or AppleScript, and enumerate directories on the host.

The attack was not opportunistic. The threat actor staged the malicious dependency on npm roughly 18 hours before publishing the poisoned Axios releases, and the per-operating-system payloads together with the self-destruct step that removes every artifact after use point to the same deliberate preparation.

So far nothing is known about the threat actor behind the Axios compromise. Several other recent high-profile supply-chain attacks, including ones against the Telnyx, LiteLLM, and Trivy projects, have been claimed by a group known as TeamPCP.

Given the package's download volume, it is unclear how many downstream projects have been affected. Axios users are advised to pin to axios@1.14.0 (1.x line) or axios@0.30.3 (0.x line), the last known clean releases, and to confirm that their lockfiles actually resolve to one of those versions. Where a compromise is confirmed, rotate all credentials that were reachable from the affected host or build environment and rebuild the environment from a known good state.

This attack again shows why securing the open-source software supply chain matters. As projects pull in ever more third-party packages, monitoring those dependencies for signs of tampering becomes essential.

Related Information:
  • https://www.ethicalhackingnews.com/articles/Hackers-Exploit-Axios-400-Million-Monthly-Downloads-by-Compromising-npm-Package-ehn.shtml

  • https://www.bleepingcomputer.com/news/security/hackers-compromise-axios-npm-package-to-drop-cross-platform-malware/

  • https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/

  • https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html

  • https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

  • https://www.reversinglabs.com/blog/teampcp-supply-chain-attack-spreads

  • https://thecybersecguru.com/news/teampcp-supply-chain-attack/


  • Published: Tue Mar 31 10:11:50 2026 by llama3.2 3B Q4_K_M

    © Ethical Hacking News . All rights reserved.
