An attack on the axios software developer tool threatens widespread compromise

A hacker briefly published malware this week into a popular open source project for software developers that is estimated to have 100 million weekly downloads, raising the possibility of widespread compromise through a software supply chain attack.

Axios is a JavaScript client library used in web applications. An unknown attacker hijacked the npm account (npm is the JavaScript package manager) of the lead axios maintainer and published malicious versions of axios containing a remote access trojan to npm. That happened Sunday night into Monday morning, cybersecurity firm Huntress said, before the toxic releases were pulled.

Aikido, another security firm, called it “one of the most severe npm deployment attacks on record.” Researchers at a number of cyber companies have sounded the alarm about the attack, including Step Security, Socket, Endor Labs and others.

According to Step Security, the malicious versions “axios@1.14.1” and “axios@0.30.4” pull in a new dependency, plain-crypto-js@4.2.1, which carries the malware payload. It targets macOS, Windows and Linux devices.

But while the researchers describe it as malware, they note that “there are empty lines of malicious code within axios itself.” Instead, the software works as it was designed, or reconfigured.

“Both toxic releases instill false hope… [post installation] script that uses a remote platform access trojan,” wrote Ashish Kurmi, chief technology officer and founder of Step Security.

Feross Aboukhadijeh, CEO and founder of Socket, called the situation “a living compromise” with a large potential blast radius.

“This is a malware tool that installs books,” Aboukhadijeh wrote on X Monday evening, adding of the malicious version that “every npm that installs the latest version can be damaged now.”

The payload pulled in by the malicious axios versions uses techniques that evade established detection methods, confuse human analysts, and delete and anonymize artifacts to destroy forensic evidence.

Aboukhadijeh gave clear advice to anyone who has downloaded or used axios in the past week at least.

“If you’re using axios, flash your version immediately and check your lockfiles,” he wrote. “Don’t upgrade.”

Kurmi described the attack as “correct,” noting that the malicious dependency was created less than 24 hours in advance and that both malicious versions were poisoned within one hour.

Considering how long the malicious versions of axios were online, that could translate to about 600,000 copies, said Joshua Wright, a faculty member at the SANS Institute and senior technical director at Counter Hack Innovations.

“It’s a huge number of obstacles, and as soon as you install the software, it erases the access information, so now the threat actors can go to AWS, some GitHub packages with GitHub keys, and it’s a difficult part to explain,” he told CyberScoop that it could stretch for weeks. “We’re going to see a lot of stories about people realizing they’ve broken the law, because today they’re still trying to figure out what the consequences are.”

The attack follows closely behind other cases targeting developers.

The Google Threat Intelligence Group said the attack was unrelated to TeamPCP’s recent attacks, however, and instead attributed the axios attack to a suspected North Korean hacking group it calls UNC1069.

“Korean hackers have deep experience in supply chain attacks, which they have been using to steal cryptocurrencies,” said John Hultquist, the group’s chief analyst. “The extent of this incident remains unclear, but given the popularity of the damaged package, we expect it to have far-reaching effects.”

This story was updated on March 31, 2026, with input from the Google Threat Intelligence Group.

Written by Tim Starks and Derek B. Johnson
