Axios Supply Chain Attack (March 2026)
Today, March 31, 2026, malicious versions of the popular npm package axios were published from a compromised maintainer account. They install a Remote Access Trojan (RAT).
📦 Affected versions
- axios@1.14.1 (Current branch)
- axios@0.30.4 (Legacy branch)
The malware hides in a new dependency called plain-crypto-js@4.2.1. It runs a postinstall script that immediately attempts to steal secrets (keys, .env, SSH).
Official Sources and Analyses
- Snyk Security Blog: Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
- Huntress Labs (technical deep-dive analysis): Supply-Chain Compromise of axios npm Package
- Malwarebytes Labs: Axios supply chain attack chops away at npm trust
Interesting videos about this supply chain attack on YouTube:
NetworkChuck
From NetworkChuck, a Git-hosted guide for checks:
Axios npm Supply Chain Attack — Detection & Protection Guide
https://github.com/theNetworkChuck/axios-attack-guide
The Legend John Hammond
Stay safe, guys!