EMERGING 2026-03-31 14:31 UTC

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Emerging | Breach, Ttp | via bleepingcomputer & thehackernews

3 sources Quality: 0.92 Type: emerging

KEY FACTS

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems.

Overview

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two versions were published using the compromised npm credentials of the primary Axios

Organisations Involved

The following organisations are mentioned in relation to this incident: Account
The, Axios Supply Chain Attack Pushes Cross.

Multi-Source Coverage

This event has been reported across multiple outlets:

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account — thehackernews
Hackers compromise Axios npm package to drop cross-platform malware — bleepingcomputer

Sources: bleepingcomputer, thehackernews. Aggregated by Cybernews Agency pipeline.

SOURCES (3)

ENTITIES

Account TheAxios Supply Chain Attack Pushes Cross

DEBUG — Testing Information

AR-ID	47ff86ac-aaad-4b75-bfb7-ced9f1f4b175
NEWS-ID	450bfbb1-b98d-4fef-b707-3394bfc4896f
Article type	emerging
Categories	none
Quality score	0.9190
Generation timestamp	2026-03-31 14:31 UTC
Publish timestamp	2026-03-31 14:31 UTC
Editor corrections	[{"by": "cn-editor", "note": "passed quality checks", "score": 0.919}]

RAW SOURCES (3):

RAW-ID: 22c293f1-7f8d-468c-864f-6dc2cbe08469
URL: https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html
Title: Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

RAW-ID: bfda4027-a3fb-4c12-8ca8-369bfd889544
URL: https://www.bleepingcomputer.com/news/security/hackers-compromise-axios-npm-package-to-drop-cross-platform-malware/
Title: Hackers compromise Axios npm package to drop cross-platform malware

RAW-ID: e33a2250-0e3c-405a-8dc9-0ea89019bf6d
URL: https://www.darkreading.com/application-security/axios-npm-package-compromised-precision-attack
Title: Axios NPM Package Compromised in Precision Attack

ENTITIES:
Account The Axios Supply Chain Attack Pushes Cross

EMBEDDING: 384-dim (present)