This is an unofficial community site. Not affiliated with the Axios project, npm, or its maintainers.

AxiOwned

The Axios npm supply chain attack — March 31, 2026

Attackers hijacked a maintainer account and published malicious versions of the popular HTTP client library that dropped a cross-platform Remote Access Trojan.

#What Happened

On March 31, 2026, an attacker compromised the npm account of Axios maintainer jasonsaayman and published two malicious versions that bypassed the project's normal CI/CD pipeline. Public reporting also indicates the account's npm email was changed to an attacker-controlled ProtonMail address during the incident.

The tampered releases introduced a hidden dependency:

plain-crypto-js@4.2.1 — a typosquat package containing a malicious postinstall script

When any developer ran npm install (or equivalent) with the compromised versions, the postinstall script executed automatically, acting as a RAT dropper — downloading and executing a second-stage payload from a remote command-and-control server.

#Affected Versions

Vulnerable

axios@1.14.1
axios@0.30.4

Remove immediately. Do not use these versions under any circumstances.

Safe

axios@1.14.0
axios@0.30.3

Pin to these versions (or earlier). Verify your lockfile.

#How to Check If You're Affected

1. Search your lockfile for the affected versions

npm:
rg -n '"name": "axios"|"version": "(1\.14\.1|0\.30\.4)"|plain-crypto-js' package-lock.json

yarn:
rg -n 'axios@(1\.14\.1|0\.30\.4)|plain-crypto-js' yarn.lock

pnpm:
rg -n 'axios@(1\.14\.1|0\.30\.4)|plain-crypto-js' pnpm-lock.yaml

Note that the package-lock.json pattern also matches any other package that happens to be at version 1.14.1 or 0.30.4, so confirm that a "version" hit belongs to the axios entry before acting on it.

2. Check for the malicious dependency

npm ls axios plain-crypto-js

If plain-crypto-js appears unexpectedly in your dependency tree or lockfile, treat that as a strong indicator of compromise.

3. Check for network indicators of compromise (IOCs)

Domain: frclak.com
IP: 142.11.206.73
Port: 8000

Search firewall logs, DNS logs, and proxy logs for connections to these indicators.
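The lockfile checks in steps 1 and 2, as an added Node.js example (not code from this page or from the Axios project): it walks package-lock.json in both the nested lockfileVersion 1 layout and the flat packages map of lockfileVersion 2/3, so a hit is tied to the axios entry itself rather than to any package that shares a version number, and it flags plain-crypto-js at any version. The sample lockfile is constructed.

```javascript
// Indicators named on the page; nothing else is assumed.
const AFFECTED_AXIOS = new Set(["1.14.1", "0.30.4"]);
const TYPOSQUAT = "plain-crypto-js";

// lockfileVersion 1: nested { dependencies: { name: { version, dependencies } } }
function* walkV1(deps, path = []) {
  for (const [name, entry] of Object.entries(deps || {})) {
    const here = [...path, name];
    yield { name, version: entry.version, path: here.join(" > ") };
    yield* walkV1(entry.dependencies, here);
  }
}

// lockfileVersion 2/3: flat { packages: { "node_modules/a/node_modules/b": { version } } }
function* walkV2(packages) {
  for (const [key, entry] of Object.entries(packages || {})) {
    if (key === "") continue; // "" is the root project itself, not a dependency
    const segs = key.split("node_modules/").filter(Boolean).map((s) => s.replace(/\/$/, ""));
    yield { name: segs[segs.length - 1], version: entry.version, path: segs.join(" > ") };
  }
}

// Returns one finding per hit; an empty array means neither indicator is present.
// Any plain-crypto-js version is flagged: the page treats its presence at all as a strong indicator.
function findIndicators(lock) {
  const entries = lock.packages ? walkV2(lock.packages) : walkV1(lock.dependencies);
  const findings = [];
  for (const { name, version, path } of entries) {
    if (name === "axios" && AFFECTED_AXIOS.has(version)) {
      findings.push({ kind: "affected-axios", version, path });
    } else if (name === TYPOSQUAT) {
      findings.push({ kind: "typosquat-dependency", version, path });
    }
  }
  return findings;
}

// Constructed sample lockfile (not a real project's file): axios 1.14.1 pulling in the typosquat.
const SAMPLE_LOCK_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", version: "1.0.0" },
    "node_modules/axios": { version: "1.14.1" },
    "node_modules/axios/node_modules/plain-crypto-js": { version: "4.2.1" },
    "node_modules/lodash": { version: "4.17.21" },
  },
};

for (const f of findIndicators(SAMPLE_LOCK_V3)) console.log(`${f.kind}: ${f.path}@${f.version}`);
```

To run it against a real project, pass `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` to findIndicators instead of the sample object.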

#What the Malware Does

#How to Fix / Recovery Steps

1. Delete node_modules and lockfile

   rm -rf node_modules package-lock.json

2. Clear npm cache

   npm cache clean --force

3. Pin axios to a safe version in package.json

   "axios": "1.14.0"

   Use an exact version — no ^ or ~ prefix — until the situation is fully resolved.

4. Reinstall with scripts disabled

   npm install --ignore-scripts

5. Rotate all secrets and credentials

   If the malware executed on your machine, assume all environment variables, API keys, tokens, SSH keys, and credentials accessible to the compromised process have been exfiltrated. Rotate everything.

6. Scan affected machines for persistence

   Run endpoint detection / antivirus scans. Check for unfamiliar launch agents (macOS), scheduled tasks (Windows), or cron jobs (Linux). Consider reimaging CI/CD build agents.

7. Harden your CI/CD pipeline

   Add to .npmrc:
   ignore-scripts=true

   Consider using npm audit signatures, lockfile-lint, or Socket.dev for ongoing protection.

#Timeline

2026-03-30 23:59 UTC

plain-crypto-js@4.2.1 is published to npm shortly after a benign 4.2.0 decoy had been staged earlier.

2026-03-31 00:21 UTC

Malicious axios@1.14.1 published to npm. Contains hidden dependency plain-crypto-js@4.2.1.

2026-03-31 01:00 UTC

Malicious axios@0.30.4 published to npm with the same payload, targeting legacy 0.x users.

~03:00 UTC

Community members notice unusual publish activity. Reports begin surfacing on GitHub and social media.

~03:15 UTC

npm removes the malicious Axios releases from normal distribution; public npm metadata indicates they were live for roughly 2 to 3 hours.

~04:26 UTC

npm replaces plain-crypto-js with a security-holder stub, preventing new installs of the malicious package.

#Frequently Asked Questions

How many people were affected?

Axios is reported at roughly 100 million weekly npm downloads. The malicious Axios releases appear to have been live for about 2 to 3 hours before removal. The exact number of affected installs is still not publicly known, but exposure was large because of Axios's ubiquity.

I use axios but didn't update today. Am I safe?

If your lockfile pins a version other than 1.14.1 or 0.30.4, and you didn't run a fresh install during the affected window, you are most likely safe. Verify by checking your lockfile for those exact versions.

I ran npm install during the window. What should I do?

Assume compromise. Follow the full remediation steps above: delete node_modules, clear cache, pin a safe version, reinstall with --ignore-scripts, and rotate all credentials. Scan the affected machine for persistence mechanisms.

Does this affect browsers / CDN users?

The confirmed malicious behavior was delivered through npm dependency installation, not through a documented browser-runtime backdoor in Axios itself. That means the RAT execution path affects Node.js and package-manager installs. If you consume Axios from a CDN, there is no public evidence that the browser bundle itself was trojanized in the same way, though you should still avoid the affected version numbers until mirrors and caches have fully cleared.

Is this related to the event-stream attack?

It's a similar class of attack — npm supply chain compromise — but there's no known connection to the 2018 event-stream incident. This attack specifically targeted a single high-value maintainer account rather than a transferred package.

What is plain-crypto-js?

A typosquat package designed to look like the legitimate crypto-js library. It contained a postinstall script that fetched and executed second-stage malware from the attacker's C2 infrastructure. npm later replaced it with a security-holder stub.

How can I protect myself from future supply chain attacks?

Use lockfiles and pin exact versions. Enable npm audit signatures. Use --ignore-scripts in CI. Consider tools like Socket.dev, Snyk, or lockfile-lint. Enable 2FA on all registry accounts. Review dependency changes in PRs.

Has the attacker been identified?

As of the time of this writing, there is no public attribution. The investigation is ongoing, and most public reporting focuses on the compromised packages, publisher metadata, and network indicators rather than a confirmed actor identity.
