The widely used HTTP client Axios is the latest victim of a software supply chain attack: two versions of the npm package were published with a malicious dependency. The compromised releases, 1.14.1 and 0.30.4, declared ‘plain-crypto-js’ version 4.2.1 as a dependency, a package Axios had never needed, so that it was installed automatically alongside Axios.
Compromise Through npm Credentials
Security firm StepSecurity reports that the attackers used npm credentials belonging to the main Axios maintainer, ‘jasonsaayman’, to publish directly to the registry, bypassing the project’s GitHub Actions CI/CD pipeline. According to researcher Ashish Kurmi, the injected dependency acted as a dropper for a cross-platform remote access trojan (RAT) targeting macOS, Windows and Linux. The trojan contacts a command-and-control server to fetch a payload for the host’s platform, and it deletes its own traces after execution, which complicates detection.
Immediate Action Required for Users
Anyone who installed Axios 1.14.1 or 0.30.4 should treat every secret and credential reachable from the affected machine (developer workstations and CI runners included) as exposed, rotate them immediately, and pin to the previous clean releases, 1.14.0 or 0.30.3. The malicious versions and the rogue ‘plain-crypto-js’ package have been removed from the npm registry, so they can no longer be installed, but that does nothing for hosts that already pulled them. With more than 83 million weekly downloads, Axios sits in the dependency tree of a large share of JavaScript projects, which gives this compromise an unusually wide blast radius.
Details of the Attack
Kurmi notes that the attack was planned rather than opportunistic: the attackers staged the malicious dependency 18 hours before the Axios releases and had pre-built payloads ready for three operating systems. The timeline began on March 30, 2026, with the clean release of ‘[email protected]’, followed by the compromised version later that day; the tampered Axios versions were published shortly afterwards from the hijacked maintainer account.
The ‘jasonsaayman’ npm account was reportedly taken over, and the attackers changed its registered email to a Proton Mail address under their control. The ‘plain-crypto-js’ package itself was published by a separate npm user, ‘nrwise’, which further muddies attribution.
Malware’s Multi-Platform Approach
The embedded malware is an obfuscated Node.js dropper that branches into a platform-specific path. On macOS it fetches a trojan binary via AppleScript; on Windows it masquerades as a Windows Terminal app and runs a PowerShell script; on Linux it uses a shell command to launch a Python RAT script. Because a single npm install covers all three, the same release compromises developer laptops and CI runners regardless of operating system.
Each variant talks to the same central command-and-control server but with its own POST request format. The macOS variant, for example, sends a system fingerprint every 60 seconds and receives further commands in the response. All variants also clean up after themselves, removing evidence of their presence to evade detection.
Users should check lockfiles and installed node_modules for the malicious Axios versions and for ‘plain-crypto-js’, look for RAT artifacts on any host that installed them, audit CI/CD pipelines that may have run the install, and block outbound traffic to the command-and-control domain ‘sfrclak[.]com’ at the network egress.
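The two checks recommended above, a lockfile scan for the compromised releases and an egress-log scan for the C2 domain, as an added example. This is not code from Axios, StepSecurity or Socket; the version numbers and the domain come from the article, while the sample lockfile, the log lines and the script name are constructed for illustration.

```javascript
// Added example: IOC check for the Axios / plain-crypto-js incident.
// Not code from Axios, StepSecurity or Socket; sample data below is constructed.
const COMPROMISED_RELEASES = { axios: new Set(['1.14.1', '0.30.4']) };
const ROGUE_PACKAGES = new Set(['plain-crypto-js']); // pulled in by the bad releases
const C2_DOMAIN = 'sfrclak.com'; // written sfrclak[.]com (defanged) in the article

// Record a finding if this package/version is one of the known-bad artifacts.
function recordIfKnownBad(name, version, path, hits) {
  if (ROGUE_PACKAGES.has(name)) {
    hits.push({ name, version, path, reason: 'rogue package' });
  } else if (COMPROMISED_RELEASES[name] && COMPROMISED_RELEASES[name].has(version)) {
    hits.push({ name, version, path, reason: 'compromised release' });
  }
}

// lockfileVersion 1 nests transitive deps under each entry's "dependencies".
function walkV1(deps, prefix, hits) {
  for (const [name, entry] of Object.entries(deps)) {
    const path = `${prefix}/${name}`;
    recordIfKnownBad(name, entry.version, path, hits);
    if (entry.dependencies) walkV1(entry.dependencies, `${path}/node_modules`, hits);
  }
}

// Scan a parsed package-lock.json (lockfileVersion 1, 2 or 3) for known-bad artifacts.
function findCompromisedPackages(lockfile) {
  const hits = [];
  // v2/v3: flat "packages" map keyed by install path, e.g. "node_modules/axios"
  // or "node_modules/a/node_modules/axios" for a nested copy.
  for (const [path, entry] of Object.entries(lockfile.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    const idx = path.lastIndexOf('node_modules/');
    const name = idx === -1 ? path : path.slice(idx + 'node_modules/'.length);
    recordIfKnownBad(name, entry.version, path, hits);
  }
  // v1 has only "dependencies"; v2 also carries a legacy copy, so skip it there
  // to avoid double-reporting.
  if (!lockfile.packages && lockfile.dependencies) {
    walkV1(lockfile.dependencies, 'node_modules', hits);
  }
  return hits;
}

// Exact match on the C2 domain or any of its subdomains; look-alikes such as
// "sfrclak.com.example.org" or "notsfrclak.com" do not match.
function hostIsC2(host) {
  return host === C2_DOMAIN || host.endsWith('.' + C2_DOMAIN);
}

// Return the log lines that reference the C2 domain, tokenising on separators
// so a hostname inside a URL or a DNS query line is matched as a whole.
function findC2Contacts(lines) {
  return lines.filter((line) => line.split(/[\s"'/:@=]+/).some(hostIsC2));
}

// Constructed sample data (not real artifacts from the incident).
const SAMPLE_LOCKFILE = {
  name: 'example-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', dependencies: { axios: '^1.14.0' } },
    'node_modules/axios': { version: '1.14.1', dependencies: { 'plain-crypto-js': '4.2.1' } },
    'node_modules/plain-crypto-js': { version: '4.2.1' },
    'node_modules/some-unrelated-lib': { version: '2.0.0' },
  },
};
const SAMPLE_LOG = [
  '2026-03-30T23:41:07Z ci-runner-3 POST https://sfrclak.com/api/report 200',
  '2026-03-30T23:41:09Z ci-runner-3 GET https://registry.npmjs.org/axios 200',
  '2026-03-30T23:42:11Z dev-mac-12 dns query api.sfrclak.com A',
  '2026-03-30T23:43:00Z dev-mac-12 GET https://sfrclak.com.example.org/ 200',
];

// Usage: node axios-ioc-check.js [path/to/package-lock.json]
if (typeof require !== 'undefined' && require.main === module) {
  const fs = require('fs');
  const lockfile = process.argv[2]
    ? JSON.parse(fs.readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCKFILE;
  for (const h of findCompromisedPackages(lockfile)) {
    console.log(`${h.reason}: ${h.name}@${h.version} (${h.path})`);
  }
  for (const line of findC2Contacts(SAMPLE_LOG)) console.log(`C2 contact: ${line}`);
}
```

Run it against a real lockfile with `node axios-ioc-check.js package-lock.json`, or use `npm ls axios plain-crypto-js` for a quick look at what is actually installed. A clean lockfile only tells you the project is not pulling the bad releases now; a host that installed them at any point still needs the RAT-artifact check and credential rotation described above.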
Axios was not the only target. Socket identified two further packages that distribute the same malware through vendored dependencies, ‘@shadanai/openclaw’ and ‘@qqbrowser/[email protected]’, each of which embeds the malicious ‘plain-crypto-js’ package, indicating a broader campaign.
