Threat Intel · HIGH

Axios NPM Packages Compromised in Major Supply Chain Attack

Tags: Axios, npm, supply chain attack, malicious code, plain-crypto-js, malware, cybersecurity, JavaScript

Hackers found a way to sneak bad code into a popular tool used by many websites. They did this by pretending to be the real developers and changing the tool without anyone noticing. Now, anyone using the affected versions of this tool could be in danger, so it's important for developers to check their tools and remove any bad versions quickly.

Quick Summary

Axios, a popular HTTP client, has been compromised in a supply chain attack, leading to the injection of malicious code through unauthorized npm packages.

A sophisticated supply chain attack has targeted Axios, one of the most heavily adopted HTTP clients within the JavaScript ecosystem, by introducing a malicious transitive dependency into the official npm registry. Serving as a critical component across frontend frameworks, backend microservices, and enterprise applications, Axios records approximately 83 million weekly downloads on npm. The compromise involves the unauthorized publication of new Axios versions that automatically pull in plain-crypto-js@4.2.1, a newly published package confirmed by automated malware detection systems to contain malicious code. Because of the widespread integration of Axios in modern web development, the potential blast radius of this supply chain poisoning is exceptionally broad, necessitating immediate incident response protocols from downstream users.

The threat actors executed this attack by breaking from the project’s standard release patterns. Typically, Axios maintainers publish tagged releases on GitHub concurrently with their npm publishes. However, the compromised npm versions do not appear in the project’s official GitHub repository tags. At the time of the incident, v1.14.0 remained the most recent visible tag on GitHub, indicating that the malicious updates were pushed directly to the npm registry outside of the normal deployment pipeline. This bypass of standard version control suggests a highly coordinated effort to inject malicious code silently.

The malicious payload dependency, plain-crypto-js@4.2.1, was published to the registry on March 30, 2026, at 23:59:12 UTC. Within minutes of this publication, the compromised Axios versions were pushed live. Automated malware detection by Socket flagged the anomalous plain-crypto-js package shortly after at 00:05:41 UTC on March 31, highlighting the rapid execution sequence designed to maximize infection before security tools could react. To evade immediate detection during the initial infection phase, the attackers introduced minimal alterations to the primary Axios codebase. The sole modification was adding the malicious plain-crypto-js package to the dependency tree. Utilizing small, targeted changes is a conventional and highly effective tactic in supply chain attacks. This approach allows threat actors to execute arbitrary code through transitive dependencies while avoiding the scrutiny that typically accompanies large codebase modifications or logic changes.

Investigations into the registry logs reveal that the malicious package is associated with the npm publisher account jasonsaayman. This account's involvement in the compromised dependency chain raises significant concerns regarding unauthorized package publishing capabilities, pointing toward a potential account takeover, compromised developer credentials, or a hijacked session token that allowed the attackers to authenticate and publish the malicious artifacts directly to the npm registry.

Security teams, DevOps engineers, and developers must immediately audit their software supply chains to identify and remove the compromised components. Project maintainers should thoroughly review project lockfiles, dependency graphs, feature branches, and open pull requests for any exposure to the affected versions.

Compromised package versions and their malicious dependency:

  • Axios 1.14.1: depends on plain-crypto-js@4.2.1
  • Axios 0.30.4: depends on plain-crypto-js@4.2.1
  • plain-crypto-js 4.2.1: primary malicious payload

If any of these specific package versions are detected within your environment, it is imperative to remove them entirely or roll back your dependencies to a known safe release, such as Axios 1.14.0, to prevent the execution of the injected code. As this remains an active and rapidly developing security incident, ongoing threat hunting and continuous monitoring are necessary to determine the full scope of the compromise and prevent further exploitation.
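The lockfile audit described above, as an added example that is not part of the original article or of the Axios project: a Node script that walks an npm `package-lock.json` (lockfileVersion 1 nested tree as well as the flat `packages` map of versions 2 and 3) and reports every installed copy of the package versions listed in the report. Nested copies matter here, because a transitive dependency can carry its own `node_modules/axios` even when the top-level Axios is the safe 1.14.0. The sample lockfile embedded below is constructed for the demonstration; the `legacy-sdk` package in it is hypothetical.

```javascript
// Added example (not from the article): scan an npm lockfile for the package
// versions the report lists as compromised. Handles lockfileVersion 1
// (nested "dependencies" objects) and lockfileVersion 2/3 ("packages" map).

// Package versions named in the report; versions are compared exactly,
// not as semver ranges, so a safe 1.14.0 is never flagged.
const COMPROMISED = {
  'axios': new Set(['1.14.1', '0.30.4']),
  'plain-crypto-js': new Set(['4.2.1']),
};

// lockfileVersion 2/3 keys are install paths such as "node_modules/axios" or
// "node_modules/foo/node_modules/axios". The package name is whatever follows
// the last "node_modules/" (scoped names keep their "@scope/" prefix).
function nameFromPath(installPath) {
  const marker = 'node_modules/';
  const idx = installPath.lastIndexOf(marker);
  return idx === -1 ? installPath : installPath.slice(idx + marker.length);
}

// Returns every {name, version, path} in the parsed lockfile that matches
// COMPROMISED. An empty array means no listed version is installed.
function findCompromised(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [installPath, meta] of Object.entries(lock.packages)) {
      if (installPath === '') continue; // "" is the root project entry
      const name = nameFromPath(installPath);
      const bad = COMPROMISED[name];
      if (bad && meta.version && bad.has(meta.version)) {
        hits.push({ name, version: meta.version, path: installPath });
      }
    }
  } else if (lock.dependencies) {
    // lockfileVersion 1: each dependency may nest its own "dependencies".
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const installPath = `${prefix}node_modules/${name}`;
        const bad = COMPROMISED[name];
        if (bad && bad.has(meta.version)) {
          hits.push({ name, version: meta.version, path: installPath });
        }
        if (meta.dependencies) walk(meta.dependencies, installPath + '/');
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}

// Constructed sample (lockfileVersion 3): the top-level axios is the safe
// 1.14.0, but a hypothetical "legacy-sdk" package carries a nested axios
// 1.14.1, which in turn pulls in plain-crypto-js 4.2.1.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.0' },
    'node_modules/legacy-sdk': { version: '2.0.0' },
    'node_modules/legacy-sdk/node_modules/axios': {
      version: '1.14.1',
      dependencies: { 'plain-crypto-js': '4.2.1' },
    },
    'node_modules/plain-crypto-js': { version: '4.2.1' },
  },
};

// Stand-alone use: `node scan-lock.js path/to/package-lock.json` scans a real
// lockfile and exits non-zero on a hit; with no argument it scans the sample.
if (typeof require !== 'undefined' && require.main === module) {
  const file = process.argv[2];
  const lock = file
    ? JSON.parse(require('fs').readFileSync(file, 'utf8'))
    : SAMPLE_LOCK;
  const hits = findCompromised(lock);
  for (const h of hits) console.log(`COMPROMISED ${h.name}@${h.version} at ${h.path}`);
  if (!hits.length) console.log('no listed package versions found');
  if (file && hits.length) process.exitCode = 1;
}
```

Run it against each lockfile in the repository, including those on feature branches and open pull requests, since a branch that has not been merged can still carry the bad version; a hit on a nested path points at the dependency that needs to be rolled back or overridden rather than at your direct Axios pin.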

The rapid execution of this attack, coupled with the use of a legitimate npm publisher account, underscores the evolving tactics of threat actors in supply chain attacks. Organizations must enhance their dependency management practices and implement stricter controls over package publishing to mitigate such risks.

Original article from Cyber Security News · Guru Baran