Urgent Alert: Axios Supply‑Chain Poisoning Hits 300M Weekly Downloads – Check Your Projects Now

On March 31 2026, malicious versions of the widely used axios library (1.14.1 and 0.30.4) were published after the maintainer's npm account was hijacked, embedding a cross‑platform RAT; the article details the impact, detection steps, remediation, and long‑term hardening measures for affected projects.


How severe is the incident?

axios is a core HTTP client library that appears in virtually every JavaScript project. The npm package receives over 300 million downloads per month, has more than 106k GitHub stars, and is a dependency of millions of React, Vue and Node.js projects.

Affected vs. safe versions

Malicious versions: axios@1.14.1 (1.x main line) and axios@0.30.4 (0.x legacy line) – both contain a cross‑platform remote‑access trojan (RAT) and must be removed immediately.

Safe versions: axios@1.14.0 (and any version ≤ 1.14.0 on the 1.x branch) and the last clean 0.x release published before 0.30.4 are unaffected.

Attack implementation

The attacker followed a four‑step chain:

Step 1 – Account hijack

By means not yet disclosed, the attacker gained access to the npm account of core maintainer jasonsaayman and published the malicious releases directly, bypassing the project's CI/CD checks.

Step 2 – Inserting a malicious dependency

The malicious package.json added a single, innocuous‑looking dependency whose name is chosen to resemble the legitimate crypto‑js package:

{
  "dependencies": {
    "plain-crypto-js": "4.2.1"
  }
}

Step 3 – Post‑install hook execution

The plain-crypto-js@4.2.1 package contains a postinstall script that runs node setup.js after installation, launching the attack chain.

npm install axios
  → installs axios@1.14.1, which pulls in plain-crypto-js@4.2.1
    → triggers postinstall
      → runs setup.js (double‑obfuscated: reverse‑Base64 + XOR)
        → contacts C2 server sfrclak[.]com:8000 (142.11.206.73)
          → downloads platform‑specific RAT
            → establishes persistent backdoor

Step 4 – Multi‑platform RAT deployment

The script detects the operating system and drops a disguised payload:

macOS: /Library/Caches/com.apple.act.mond (masquerades as a system cache)

Windows: %PROGRAMDATA%\wt.exe (masquerades as Windows Terminal)

Linux: /tmp/ld.py (Python RAT running silently in the background)

The RAT can:

Send periodic beacons to the C2 server

Execute arbitrary code or shell commands

Enumerate the file system and exfiltrate data

Steal credentials such as API keys and SSH keys

Who is at risk?

High‑risk (likely compromised) projects meet any of the following:

Ran npm install or npm update between 2026‑03‑31 00:21 UTC and 03:29 UTC.

Used a caret (^) or tilde (~) version range for axios and had CI/CD builds run inside the window.

Also depend on @qqbrowser/[email protected] or @shadanai/openclaw, which were infected with the same malicious dependency.

Uncertain projects use lock files (package‑lock.json or yarn.lock), but it is not known whether the lock was committed before the attack window.

Relatively safe projects have lock files committed before the window, install with npm ci (which installs exactly what the lock file records and fails if package.json and the lock disagree), or pin axios to an exact version such as "axios": "1.14.0" instead of a range.

Immediate 3‑step verification checklist

Step 1 – Detect affected projects

# Check for installed malicious versions
npm list axios 2>/dev/null | grep -E "1\.14\.1|0\.30\.4"
# Check the lock file: the version sits on the line after the "axios" key in
# both lockfile v1 ("axios": {) and v2/v3 ("node_modules/axios": {)
grep -A1 -E '"(node_modules/)?axios": \{' package-lock.json | grep -E '"version": "(1\.14\.1|0\.30\.4)"'
# Look for the injected dependency package
[ -d node_modules/plain-crypto-js ] && echo "⚠️ Malicious package found!"
# Or use npm ls to inspect the dependency tree
npm ls plain-crypto-js

Step 2 – Detect system compromise (IOC checks)

# macOS
[ -f /Library/Caches/com.apple.act.mond ] && echo "⚠️ Malicious file found!"
# Linux
[ -f /tmp/ld.py ] && echo "⚠️ Malicious script found!"
# Windows PowerShell
if (Test-Path "$env:PROGRAMDATA\wt.exe") { Write-Host "⚠️ Malicious file found!" -ForegroundColor Red }
# Check for an open connection to the C2 address (macOS/Linux)
netstat -an | grep "142.11.206.73"
# Same check on Windows
netstat -an | findstr "142.11.206.73"

Step 3 – Respond based on findings

If clean: immediately harden the project.

# Pin and downgrade (--save-exact writes "1.14.0" to package.json instead of "^1.14.0")
npm install --save-exact axios@1.14.0   # for 1.x users
npm install --save-exact axios@<last clean 0.x release>   # for 0.x users; substitute the last clean 0.x version
# Verify that package.json now carries an exact version, not a caret range
"axios": "1.14.0"
# Commit the updated lock file together with package.json
git add package-lock.json package.json
git commit -m "security: pin axios to 1.14.0 (supply chain mitigation)"

If compromised: treat the system as fully breached and follow a full incident‑response flow:

Isolate the machine, rotate all credentials (npm tokens, cloud access keys, SSH keys, database passwords, personal access tokens), review CI/CD logs for the attack window, rebuild the environment from a clean image, and audit network traffic for C2 communication.

Long‑term hardening – four engineering practices

Use npm ci --ignore-scripts in CI/CD pipelines to prevent post‑install hooks from running automatically.

Pin exact dependency versions and always commit lock files; avoid version ranges that allow automatic upgrades.

Integrate dependency‑security scanning (GitHub Dependabot, Snyk, or the built‑in npm audit --audit-level=high so that only high and critical findings fail the build).

Enable two‑factor authentication (2FA) on npm accounts and require it for publishing actions.

Timeline of the attack

2026‑03‑31 00:21 UTC – Malicious version [email protected] published.

~01:xx UTC – Malicious version [email protected] published.

03:29 UTC – StepSecurity issues emergency alert.

03:29+ UTC – npm removes the malicious packages; security media (Snyk, The Hacker News, etc.) publish warnings.

08:00+ UTC – Community begins remediation.

The active attack window lasted about 3 hours 8 minutes, during which countless CI/CD pipelines and developer machines worldwide could have fetched the poisoned packages.

Final thoughts

The openness of the npm ecosystem is both its greatest strength and its biggest attack surface. This axios supply‑chain poisoning is neither the first such incident nor the last. The real question is not "if" an attack will happen, but "whether your project has a defense when it does".

Start today by pinning versions, auditing post‑install scripts, and enabling automated security scans.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.

Written by Ubuntu