
Today, March 31, 2026, the popular npm package axios was compromised through a hijacked maintainer account. Malicious versions were published that install a Remote Access Trojan (RAT).
📦 Affected versions
- [email protected] (Current branch)
- [email protected] (Legacy branch)
The malware hides in a new dependency called [email protected]. It runs a postinstall script that immediately attempts to steal secrets (keys, .env, SSH).
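A lockfile check for the pattern described above (a known-bad release plus a dependency that carries an install script), as an added example that is not from this post or the linked guides. The package names and versions in the sample are constructed, and the `BLOCKLIST` entries are placeholders to be filled from the advisories.

```javascript
// Audit a parsed package-lock.json (lockfileVersion 2 or 3).
// Load a real one with: JSON.parse(fs.readFileSync("package-lock.json", "utf8"))
const BLOCKLIST = new Set([
  "axios@<AFFECTED_VERSION>",         // placeholder: take from the advisories
  "<MALICIOUS_DEPENDENCY>@<VERSION>", // placeholder: take from the advisories
]);

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Returns blocklisted packages and any package with an install script
// (preinstall/install/postinstall) that is not explicitly allowed.
function auditLockfile(lock, blocklist = BLOCKLIST, allowedScripts = new Set()) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // root project entry
    const name = meta.name || nameFromPath(path);
    const id = `${name}@${meta.version}`;
    if (blocklist.has(id)) {
      findings.push({ id, path, reason: "blocklisted" });
    } else if (meta.hasInstallScript && !allowedScripts.has(name)) {
      findings.push({ id, path, reason: "install-script" });
    }
  }
  return findings;
}

// Constructed sample lockfile; names and versions are illustrative only.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/axios": { version: "0.0.0-bad" },
    "node_modules/axios/node_modules/hidden-dep-example": { version: "0.0.1", hasInstallScript: true },
    "node_modules/known-native-addon": { version: "2.0.0", hasInstallScript: true },
    "node_modules/plain-lib-example": { version: "1.0.0" },
  },
};
const SAMPLE_BLOCKLIST = new Set(["axios@0.0.0-bad"]); // constructed

const sampleFindings = auditLockfile(SAMPLE_LOCK, SAMPLE_BLOCKLIST, new Set(["known-native-addon"]));
for (const f of sampleFindings) console.log(`${f.reason}: ${f.id} (${f.path})`);
```

Installing with `npm ci --ignore-scripts` keeps install scripts from running while the findings are reviewed.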
Official Sources and Analyses
- Snyk Security Blog: Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
- Huntress Labs (technical deep dive): Supply-Chain Compromise of axios npm Package
- Malwarebytes Labs: Axios supply chain attack chops away at npm trust
Interesting videos about this supply chain attack on YouTube:
NetworkChuck
From NetworkChuck - A Git hosted Guide for Checks!
Axios npm Supply Chain Attack — Detection & Protection Guide
https://github.com/theNetworkChuck/axios-attack-guide
The Legend John Hammond
2hr Live Session
Stay Safe Guys!