Axios npm Supply Chain Attack: Malicious Payloads and Mitigation

The cybersecurity community is responding to a significant Supply Chain Attack targeting the Axios library, a widely utilized HTTP client for JavaScript. According to CISA, threat actors successfully compromised the Axios npm package ecosystem, impacting two specific versions of the library. This incident underscores the ongoing risks associated with third-party dependency management in modern software development lifecycles.

Technical Analysis of the Compromise

On March 31, 2026, malicious actors published versions axios@1.14.1 and axios@0.30.4 to the npm registry. These versions were modified to include a malicious dependency identified as plain-crypto-js@4.2.1. The inclusion of this dependency facilitates the delivery of multi-stage payloads designed to establish persistence and provide unauthorized access to the host system.

Upon execution, the malicious dependency communicates with actor-controlled infrastructure to download additional components. The ultimate goal of this campaign is the deployment of a remote access trojan (RAT) on the victim’s machine. This is particularly dangerous for developers and SOC teams because the compromise often originates in trusted development environments or automated continuous integration/continuous delivery (CI/CD) pipelines. Because the RAT executes with the privileges of the user running the npm install or npm update command, it can lead to extensive data exfiltration or credential theft.

Impact on Developer Infrastructure

The Axios npm version 0.30.4 remote access trojan specifically targets environments where automated testing and deployment occur. If a CI/CD pipeline fetches one of the compromised versions, the runner environment becomes a foothold for the attacker. From there, the actor can access version control system (VCS) tokens, cloud provider API keys, and other sensitive secrets stored as environment variables. This creates a high risk of Lateral Movement across the organization’s cloud infrastructure.

How to Detect Axios npm Supply Chain Compromise

Defenders should prioritize visibility into their package management logs and network telemetry. Identifying the compromise requires a multi-faceted approach to IoC hunting. Organizations should immediately search for the presence of plain-crypto-js@4.2.1 within their package-lock.json or yarn.lock files across all repositories.

Network monitoring is equally vital. CISA has identified that compromised systems will attempt to establish C2 communication with domains associated with Sfrclak[.]com. Security teams should configure their EDR tools to alert on any outbound connections to this domain, particularly those originating from Node.js processes. Furthermore, any unexpected child processes spawned during a package installation—such as shells or network utilities—should be treated as high-priority alerts for the SOC.

Remediation and Mitigation Steps

For organizations that identify the presence of the compromised library, immediate axios@1.14.1 malicious dependency remediation is required. The following steps should be taken to restore the environment to a known safe state:

1. Downgrade Versions: Revert the Axios dependency to a known safe version, specifically axios@1.14.0 or axios@0.30.3.
2. Purge Malicious Files: Manually delete the node_modules/plain-crypto-js/ directory to ensure no artifacts remain cached locally.
3. Secret Rotation: Because the RAT may have accessed environment variables, rotate all potentially exposed credentials, including SSH keys, npm tokens, and cloud access keys.
4. Audit CI/CD Pipelines: Review the logs of any ephemeral CI runs that executed using the compromised versions and treat those runs as fully compromised.

To prevent future occurrences, CISA recommends several configuration changes to the .npmrc file. Setting ignore-scripts=true prevents the execution of arbitrary scripts during the installation process, which is a common TTP for injecting malware. Additionally, implementing min-release-age=7 can protect against Zero-Day supply chain attacks by ensuring that only packages that have survived community scrutiny for at least seven days are installed. Finally, all developer accounts should utilize Phishing-resistant multifactor authentication to prevent account takeovers of maintainer profiles, adhering to Zero Trust principles.