INFO Vulnerabilities Fortinet PSIRT

Axios npm Package Compromised

  • What: Axios npm package was compromised with a hidden dependency that installs a RAT
  • Impact: Users of affected versions may have been exposed to remote access malware

Summary

On March 31, 2026, the Axios npm package was compromised via a maintainer account takeover. Two malicious versions were published, axios@1.14.1 and axios@0.30.4, which introduced a hidden dependency (plain-crypto-js@4.2.1) able to execute a post-install script deploying a cross-platform Remote Access Trojan (RAT) on Windows, macOS, and Linux systems.

No Fortinet products have been impacted by this supply chain attack.

Timeline

  • 2026-04-14: Initial publication

References

  • https://github.com/axios/axios/issues/10636

Advisory details

  • IR Number: FG-IR-26-126
  • Published Date: Apr 14, 2026
  • Component: OTHERS
  • Severity: Info
  • Discovered: Third-Party Library
  • Attack Type: Authenticated
  • Known Exploited: No
  • Impact: Execute unauthorized code or commands