A widely used JavaScript package with hundreds of millions of weekly downloads has been compromised in a new software supply chain attack: the poisoned release fetches a malware payload that delivers a remote access Trojan on Windows, Linux and macOS systems, security researchers said.
Axios, which Step Security said has over 300 million weekly downloads, is an HTTP client library distributed through the npm (Node Package Manager) registry.
With that many weekly downloads, the “blast radius” of Axios being compromised is considerable.
CRITICAL: Active supply chain attack on axios — one of npm’s most depended-on packages.
The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios…
— Feross (@feross) March 31, 2026
The npm account of Axios's primary maintainer, Jason Saayman, was compromised, and he was locked out of it at the same time.
After changing the account's registered email address to an anonymous ProtonMail address, the attacker published the poisoned packages manually with the npm command-line interface.
This bypassed the project's normal GitHub Actions continuous integration pipeline entirely, so the published package contents need not correspond to any commit in the project's repository.
The malicious dependency for Axios was published just before midnight UTC, and security vendor Socket detected it through its automated scanning.
However, Step Security said the attacker staged the compromise over 18 hours.
The attacker first published a clean version of the dependency, plain-crypto-js@4.2.0, containing legitimate library source code and no malicious code.
That decoy's sole purpose was to establish a publishing history on npm, making the package and its account appear credible enough to avoid triggering automated security scanning tools.
The malicious payload arrived only in the follow-up version, plain-crypto-js@4.2.1, published just before midnight UTC on March 30.
Anyone using Axios should pin to axios@1.14.0 or axios@0.30.3 immediately (these are version numbers, not dist-tags); because a lockfile that already resolved to 1.14.1 is not changed by editing package.json alone, reinstall and confirm that plain-crypto-js no longer appears anywhere in the lockfile or in node_modules.
Outbound connections in network logs to the command-and-control server at sfrclak.com or its IP address 142.11.206.73 are indicators of possible compromise, as is the presence of the file /Library/Caches/com.apple.act.mond on macOS, %PROGRAMDATA%\wt.exe on Windows or /tmp/ld.py on Linux.
The Open Source Malware community threat database called Axios one of the most popular JavaScript packages on Earth.
“This will go down in history as one of the most successful software supply chain attacks ever,” Open Source Malware wrote.
Security researchers described the malicious dependency, which targets developers, as sophisticated: it uses obfuscation and anti-analysis techniques, runs on multiple platforms and provides comprehensive RAT capabilities.
At this stage there is no clear indication of who is behind the attack, but Open Source Malware said the absence of cryptocurrency miners or ransomware components suggests it was not financially motivated.
Instead, extensive reconnaissance of infected systems, file enumeration targeting .ssh and .aws directories, and process monitoring point to an advanced persistent threat (APT) actor conducting intelligence gathering and credential harvesting, Open Source Malware said.