‘The build pipeline is becoming the new frontline’: Axios npm compromise highlights growing software supply chain risks, experts warn

Cyber criminals exploited a hijacked maintainer account to compromise one of the world's most widely used JavaScript libraries


Attackers have compromised the npm account of Axios and published malicious versions to spread remote access trojans (RATs) to millions of developers.

Axios is a JavaScript HTTP client and is one of the most popular packages on npm, with more than 100 million weekly downloads. It manages requests between clients, such as browsers or Node.js apps, and servers.

On Monday, two malicious updates, axios@1.14.1 and axios@0.30.3, were published, apparently through the compromise of the npm account of axios’ primary maintainer Jason Saayman.

The updates were identified almost immediately by several security firms and remained live for around two or three hours. The malicious versions introduce a dependency that executes during installation and deploys a cross‑platform remote access trojan (RAT) targeting macOS, Windows, and Linux.

The malware communicates with a command and control (C2) server to retrieve platform‑specific second‑stage payloads, researchers noted. After execution, it deletes itself and replaces its own package.json with a clean version to evade forensic detection.

According to StepSecurity, the malicious dependency was staged 18 hours in advance, with separate payloads pre-built for all three operating systems. Both release branches were poisoned within 39 minutes of each other.

StepSecurity added that within two seconds of npm install, the malware was already calling home to the attacker's server before npm had even finished resolving dependencies, making this one of the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package.

Because there were no git tags, any manual audit of the GitHub repo would have failed to show anything was wrong.

Axios npm incident highlights supply chain dangers

Ilkka Turunen, field CTO at Sonatype, said the latest npm-related incident highlights the growing dangers faced by developers globally, with threat actors ramping up attacks.

“Attackers have figured out they don’t need to compromise the code people trust if they can compromise the trust around it," Turunen said.

"In this case, the malicious capability was introduced through a staged dependency and designed to erase its own tracks, which made the attack harder to spot and slower to understand. That’s not just malware — it shows a more deliberate and mature playbook."

Anyone who installed either version before the takedown should assume their system is compromised and is advised to immediately quarantine hosts, implement their full incident response playbook, and rotate all exposed secrets.

It's not known who is responsible for the compromise, although many researchers suspect a North Korean actor known as UNC1069, which focuses on stealing cryptocurrency by targeting centralized exchanges (CEX), software developers at financial institutions, tech firms, and venture capital funds.

The supply chain attack marks the latest in a string of attempts to exploit trust in open source ecosystems, according to Upwind security researcher Avital Harel.

"The build pipeline is becoming the new frontline. Attackers know that if they can compromise the systems that build and distribute software, they can inherit trust at scale," Harel commented.

"Organizations should be looking much more closely at CI/CD systems, package dependencies, and developer environments, because that’s increasingly where attackers are placing their bets."


Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.