Axios NPM Package Compromised in Sophisticated Supply Chain Attack with Cross-Platform RAT

The most popular JavaScript HTTP client library — axios, with 100M+ weekly downloads — was compromised in a precision supply chain attack on March 30, 2026.

What Happened

Two malicious versions were published to npm:

• axios@1.14.1 (main branch)
• axios@0.30.4 (legacy branch)

Both were published within 39 minutes of each other.

The Attack

• Zero malicious code inside axios itself — making detection extremely difficult
• Fake dependency injected: plain-crypto-js@4.2.1, never imported in axios source
• Postinstall script acts as a cross-platform Remote Access Trojan (RAT) dropper
• Targets: macOS, Windows, and Linux with separate pre-built payloads
• C2 server: Contacts sfrclak.com:8000 within 2 seconds of npm install
• Self-destructs: Malware deletes itself and replaces package.json with a clean decoy
• Pre-staged 18 hours before the attack

Detection

• StepSecurity AI Package Analyst and Harden-Runner detected the compromise
• Harden-Runner (12,000+ public repos) flagged anomalous outbound connections
• Detected during CI runs in the Backstage repository

Why This Is Unprecedented

This is among the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package. The attacker:

1. Pre-staged the malicious dependency 18 hours in advance
2. Built three separate payloads for three operating systems
3. Poisoned both release branches within 39 minutes
4. Designed every artifact to self-destruct
5. Achieved C2 callback within 2 seconds of npm install

Impact

Any project that installed these versions between publication and takedown is potentially compromised. Developers should:

• Audit dependency trees for axios@1.14.1 or axios@0.30.4
• Check for plain-crypto-js@4.2.1 in node_modules
• Review system logs for connections to sfrclak.com