Axios Supply Chain Attack Exposes Users to Cross-Platform RAT via Compromised npm Credentials


The widely used HTTP client Axios has recently fallen victim to a significant supply chain attack: poisoned releases pulled in a malicious dependency that drops a cross-platform remote access trojan on the machines of anyone who installed them. This incident highlights the vulnerabilities inherent in software dependency management and the critical need for robust security measures in the software development lifecycle.

Attack Overview and Malicious Dependency

Versions 1.14.1 and 0.30.4 of Axios were found to have introduced a malicious dependency, “plain-crypto-js” version 4.2.1. This malicious package was published using the compromised npm credentials of the primary maintainer, Jason Saayman, allowing attackers to bypass the project’s GitHub Actions CI/CD pipeline. The malicious dependency was designed to execute a postinstall script that functions as a cross-platform remote access trojan (RAT) dropper, targeting macOS, Windows, and Linux systems.

Ashish Kurmi, a security researcher at StepSecurity, noted that the dropper connects to a command and control server, delivering platform-specific payloads. After execution, the malware deletes itself and replaces its package.json file with a clean version to evade detection.

Users with Axios versions 1.14.1 or 0.30.4 are urged to rotate their secrets and credentials immediately and downgrade to safe versions (1.14.0 or 0.30.3). The malicious versions, along with “plain-crypto-js,” have since been removed from npm.

Timeline of the Attack

The attack unfolded as follows:

  • March 30, 2026, 05:57 UTC: A clean version of “plain-crypto-js@4.2.0” is published.
  • March 30, 2026, 23:59 UTC: A new version, “plain-crypto-js@4.2.1,” containing the malicious payload is published.
  • March 31, 2026, 00:21 UTC: A new version of Axios, “axios@1.14.1,” is published, injecting “plain-crypto-js@4.2.1” as a runtime dependency using the compromised account.
  • March 31, 2026, 01:00 UTC: Another version of Axios, “axios@0.30.4,” is published with the same malicious dependency.

The threat actor is believed to have compromised Saayman’s npm account and changed its registered email to a Proton Mail address under their control. It is suspected that the attacker obtained a long-lived npm access token to publish these poisoned versions directly.

Technical Details of the Malware

The embedded malware is launched via an obfuscated Node.js dropper (“setup.js”) and is designed to execute different attack paths based on the operating system:

  • macOS: The dropper runs an AppleScript that fetches a trojan binary from an external server, saves it as “/Library/Caches/com.apple.act.mond,” and executes it in the background. The AppleScript file is deleted post-execution to cover tracks.

  • Windows: The malware locates the PowerShell binary, disguises it as the Windows Terminal app, and executes a Visual Basic Script that contacts the same server to download and execute a PowerShell RAT script.

  • Linux: The dropper runs a shell command to fetch a Python RAT script from the same server, saves it to “/tmp/ld.py,” and executes it in the background.

Each platform sends a distinct POST body to the same command and control URL, allowing the server to serve appropriate payloads for each operating system.

Forensic Cleanup and Evasion Tactics

The malware employs several forensic cleanup steps to avoid detection. It removes the postinstall script from the installed package directory, deletes the original package.json file that references the postinstall hook, and renames “package.md” to “package.json.” The “package.md” file is a clean manifest without the malicious hook, designed to prevent red flags during post-infection inspections.

Notably, the attack was characterized by its restraint. No source files of Axios were modified, making traditional code reviews less likely to catch the malicious behavior, which resided entirely in a transitive dependency triggered by npm’s postinstall lifecycle.

Recommendations for Users

To mitigate the risks associated with this attack, users are advised to take the following actions:

  • Verify the installed versions of Axios.
  • Check for RAT artifacts:
    • macOS: “/Library/Caches/com.apple.act.mond”
    • Windows: “%PROGRAMDATA%\wt.exe”
    • Linux: “/tmp/ld.py”
  • Downgrade to safe Axios versions (1.14.0 or 0.30.3).
  • Remove “plain-crypto-js” from the “node_modules” directory.
  • If RAT artifacts are detected, assume compromise and rotate all system credentials.
  • Audit CI/CD pipelines for any runs that installed the affected versions.
  • Block egress traffic to the command and control domain (“sfrclak[.]com”).
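As an added example (not code from the article or from the Axios project), the following Node.js script performs the first two checks above against a parsed package-lock.json: it reports any of the poisoned Axios releases or the malicious “plain-crypto-js” version, and looks up the RAT artifact path for the current platform. The sample lockfile is constructed for the demo, and the Windows artifact path assumes wt.exe sits directly under %PROGRAMDATA%.

```javascript
// Added example, not from the article or the Axios project: scan an npm lockfile
// for the poisoned Axios releases and the malicious dependency the article names.
const AFFECTED = {
  axios: new Set(["1.14.1", "0.30.4"]),
  "plain-crypto-js": new Set(["4.2.1"]),
};
// Artifact paths quoted in the article; the Windows entry assumes wt.exe sits
// directly under %PROGRAMDATA% (normally C:\ProgramData).
const RAT_ARTIFACTS = {
  darwin: "/Library/Caches/com.apple.act.mond",
  win32: "C:\\ProgramData\\wt.exe",
  linux: "/tmp/ld.py",
};
// Return [{ name, version, where }] for every affected package in a parsed
// package-lock.json: lockfileVersion 2/3 ("packages", keyed by node_modules
// path) and lockfileVersion 1 ("dependencies", nested by package name).
function findAffected(lockfile) {
  const hits = [];
  const check = (name, version, where) => {
    if (AFFECTED[name] && AFFECTED[name].has(version)) hits.push({ name, version, where });
  };
  if (lockfile.packages) {
    for (const [path, entry] of Object.entries(lockfile.packages)) {
      if (path === "") continue; // the root project itself
      const name = path.slice(path.lastIndexOf("node_modules/") + 13); // keeps @scope/pkg
      check(name, entry.version, path);
    }
  } else {
    const walk = (deps, prefix) => {
      for (const [name, entry] of Object.entries(deps || {})) {
        const where = `${prefix}node_modules/${name}`;
        check(name, entry.version, where);
        walk(entry.dependencies, `${where}/`); // nested installs of conflicting versions
      }
    };
    walk(lockfile.dependencies, "");
  }
  return hits;
}
// Constructed sample lockfile (v3): a poisoned axios pulling in plain-crypto-js.
const SAMPLE_LOCKFILE = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1.14.1" } },
    "node_modules/axios": { version: "1.14.1", dependencies: { "plain-crypto-js": "4.2.1" } },
    "node_modules/plain-crypto-js": { version: "4.2.1", hasInstallScript: true },
  },
};
console.log(findAffected(SAMPLE_LOCKFILE));
console.log("artifact to check on this host:", RAT_ARTIFACTS[process.platform] || "n/a");
```

To run it against a real project, replace SAMPLE_LOCKFILE with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`; an empty result does not prove the box is clean if the package was installed and later removed, so still check the artifact path.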

Broader Implications for the Software Supply Chain

This incident underscores the vulnerabilities in the software supply chain, particularly in open-source ecosystems where dependencies are widely used. The attack demonstrates how easily malicious actors can exploit compromised credentials to introduce harmful code into widely adopted libraries.

Security measures must be reinforced, including better credential management, regular audits of dependencies, and enhanced monitoring of package publications. The community must remain vigilant against such threats to protect the integrity of software development and deployment processes.

For further insights into this incident and its implications, refer to the original reporting source: thehackernews.com.
