SentinelOne AI EDR Stops Axios Supply Chain Attack Autonomously

Basically, a North Korean hacker tried to infect software, but SentinelOne's AI stopped it automatically.
A North Korean cyber attack targeted Axios, but SentinelOne's AI EDR thwarted it before execution. This incident highlights the importance of autonomous security measures in protecting software supply chains.
What Happened
On March 31, 2026, a North Korean state actor hijacked the npm credentials of the primary maintainer of Axios, a widely used HTTP client in the JavaScript ecosystem. The attacker published two backdoored releases that deployed a cross-platform remote access trojan (RAT) to systems running Windows, macOS, and Linux. During a mere three-hour window, approximately 600,000 downloads occurred without user interaction, showcasing the attack's potential scale.
The malicious packages were tagged as [email protected] and [email protected], each introducing a new dependency that silently deployed the RAT. The attack was executed with remarkable sophistication, utilizing techniques to evade detection and ensuring that the malware left minimal forensic evidence.
Who's Affected
The attack primarily affected users and organizations utilizing Axios, which boasts around 100 million weekly downloads. Given Axios's prevalence in cloud and code environments, the potential impact on developers and enterprises was significant. Anyone who installed the compromised versions during the exposure window is at risk.
What Data Was Exposed
While the primary goal of the attack was to deploy the RAT, the compromised systems could potentially expose sensitive credentials, including npm tokens, SSH keys, and CI/CD secrets. The RAT was designed to harvest these types of credentials, making the attack particularly dangerous for organizations relying on Axios for their software delivery.
SentinelOne's Response
SentinelOne acted swiftly to protect its customers. The Lunar behavioral engine detected the attack's execution techniques, regardless of the specific payload hash. Additionally, a global hash blocklist was implemented to prevent known malicious npm package tarballs and RAT binaries from being executed across all platforms.
Proactive Threat Hunting
The Wayfinder Threat Hunting team conducted proactive hunts using Axios-specific indicators of compromise (IOCs), ensuring that any potential threats were identified and addressed. This included monitoring DNS queries and file artifacts related to the attack.
Continuous Research
SentinelLabs has been tracking the BlueNoroff threat cluster, linked to the North Korean attack. This ongoing research allows SentinelOne to stay ahead of emerging threats and improve their detection capabilities continuously.
What You Should Do Now
Organizations should take immediate action to protect their environments:
- Audit and Contain: Search for the compromised Axios versions and treat any affected systems as fully compromised.
- Rotate Credentials: Change all credentials that the endpoint could access, including npm tokens and API keys.
- Pin Dependencies: Use npm ci in CI/CD pipelines to enforce strict lockfile discipline.
- Eliminate Legacy Tokens: Remove long-lived tokens and migrate to OIDC Trusted Publishing.
- Harden Detection Policies: Ensure behavioral detection engines are set to protect on execution.
- Extend Coverage: Include developer workstations and CI runners in endpoint coverage.
- Hunt Proactively: Use Deep Visibility to search for suspicious activity related to the attack.
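A lockfile audit of the kind the "Audit and Contain" step calls for, as an added example that is not SentinelOne's tooling: it walks a package-lock.json "packages" map, reports every installed copy of axios (hoisted or nested), flags blocklisted versions, and surfaces dependencies the package is not expected to have, since the backdoored releases introduced a new dependency. The compromised version strings are placeholders and the expected dependency set is an assumption; take both from the advisory.

```javascript
// Added example (not SentinelOne's tooling): audit a package-lock.json
// (lockfileVersion 2 or 3, "packages" map) for every installed copy of a
// package, flagging blocklisted versions and dependencies not expected for it.
// The version strings and the expected-dependency set below are placeholders
// and assumptions; the real values come from the advisory.
const COMPROMISED_AXIOS_VERSIONS = new Set(["9.9.1-PLACEHOLDER", "9.9.2-PLACEHOLDER"]);
const EXPECTED_AXIOS_DEPS = new Set(["follow-redirects", "form-data", "proxy-from-env"]); // assumed
function auditLockfile(lockfile, pkgName, blocklist, expectedDeps) {
  const findings = [];
  for (const [path, entry] of Object.entries(lockfile.packages || {})) {
    if (path === "") continue; // root project entry, not an installed dependency
    // Nested installs look like "node_modules/tool/node_modules/axios": take the
    // trailing segment (this also works for scoped names such as "@scope/name").
    const name = entry.name || path.slice(path.lastIndexOf("node_modules/") + 13);
    if (name !== pkgName) continue;
    const deps = Object.keys(entry.dependencies || {});
    findings.push({
      path,
      version: entry.version,
      blocklisted: blocklist.has(entry.version),
      unexpectedDeps: deps.filter((d) => !expectedDeps.has(d)),
    });
  }
  return findings;
}
// Constructed sample lockfile: one clean hoisted axios and one nested copy that
// carries a blocklisted version and an extra dependency it should not have.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1.0.0" } },
    "node_modules/axios": {
      version: "1.0.0",
      dependencies: { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" },
    },
    "node_modules/legacy-tool/node_modules/axios": {
      version: "9.9.1-PLACEHOLDER",
      dependencies: { "follow-redirects": "^1.15.0", "unexpected-helper": "^0.1.0" },
    },
  },
};
// Runs the audit over the constructed sample; returns one finding per axios copy.
function auditSample() {
  return auditLockfile(SAMPLE_LOCK, "axios", COMPROMISED_AXIOS_VERSIONS, EXPECTED_AXIOS_DEPS);
}
```

For a real project, replace SAMPLE_LOCK with JSON.parse(fs.readFileSync("package-lock.json", "utf8")); any finding with blocklisted set or a non-empty unexpectedDeps list is a host to treat as compromised.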
By implementing these measures, organizations can enhance their defenses against future supply chain attacks.