The article describes a supply chain attack where an attacker compromised the developer accounts for the Axios HTTP client library and published malicious npm packages containing a backdoored dependency designed to install droppers and remote access trojans. The attack vector involved the publication of a trojanized copy of the crypto-js library via npm. Specific version numbers, CVSS scores, or remediation guidance were not provided in the source text.
An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote access trojans.

How the attack unfolded

On March 30, 2026, with an account using a separate throwaway ProtonMail address, the attacker published on npm a trojanized copy of the popular crypto-js JavaScript library of crypto standards. …

The post "Axios npm packages backdoored in supply chain attack" appeared first on Help Net Security.