
Post Mortem: axios NPM supply chain compromise

Why This Matters

The npm supply chain compromise of the axios package highlights the ongoing cybersecurity risks faced by open source projects and their users. It underscores the importance of vigilant security practices for developers and consumers to prevent malicious code from infiltrating widely-used software dependencies, which can have widespread impacts across multiple platforms.

Post Mortem: axios npm supply chain compromise

Date: March 31, 2026

Author: Jason Saayman

Status: Remediation in progress

On March 31, 2026, two malicious versions of axios (1.14.1 and 0.30.4) were published to the npm registry through my compromised account. Both versions injected a dependency called plain-crypto-js that installed a remote access trojan on macOS, Windows, and Linux.

The malicious versions were live for about 3 hours before being removed.

Are you affected?

Check your lockfile:

grep -E " axios@(1\.14\.1|0\.30\.4)|plain-crypto-js " package-lock.json yarn.lock 2> /dev/null

If anything comes back, treat that machine as compromised:
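The lockfile check above, as an added example that is not part of the original post mortem: a Python scanner that walks package-lock.json structurally (lockfileVersion 1, 2 and 3 record versions in "version" fields rather than as name@version strings, so a plain grep for axios@1.14.1 can miss them) and flags the two malicious axios versions plus any plain-crypto-js entry. The embedded lockfile and the plain-crypto-js version string are constructed placeholders, not values from the advisory.

```python
"""Structure-aware package-lock.json scanner for the axios compromise (added example)."""
import json

MALICIOUS_AXIOS = {"1.14.1", "0.30.4"}   # axios versions named in the advisory
INJECTED_DEP = "plain-crypto-js"         # dependency the malicious releases pulled in


def _walk_v1(deps, prefix=""):
    """Yield (path, name, version) from a lockfileVersion 1 'dependencies' tree."""
    for name, meta in (deps or {}).items():
        path = f"{prefix}node_modules/{name}"
        yield path, name, meta.get("version")
        yield from _walk_v1(meta.get("dependencies"), path + "/")


def _walk_v2(packages):
    """Yield (path, name, version) from a lockfileVersion 2/3 'packages' map."""
    for path, meta in packages.items():
        if not path:                      # "" is the root project entry, not a dependency
            continue
        # Scoped and nested entries: take everything after the last "node_modules/".
        name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
        yield path, name, meta.get("version")


def find_compromised(lock_text):
    """Return a list of findings; an empty list means no indicator was present."""
    lock = json.loads(lock_text)
    entries = _walk_v2(lock["packages"]) if "packages" in lock else _walk_v1(lock.get("dependencies"))
    findings = []
    for path, name, version in entries:
        if name == "axios" and version in MALICIOUS_AXIOS:
            findings.append(f"{path}: axios@{version} is a malicious release")
        if name == INJECTED_DEP:
            findings.append(f"{path}: injected dependency {INJECTED_DEP}@{version}")
    return findings


# Constructed lockfileVersion 3 sample; "0.0.0-placeholder" stands in for the real version.
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"axios": "^1.14.0"}},
        "node_modules/axios": {"version": "1.14.1",
                               "dependencies": {INJECTED_DEP: "0.0.0-placeholder"}},
        "node_modules/plain-crypto-js": {"version": "0.0.0-placeholder"},
    },
})

if __name__ == "__main__":
    for line in find_compromised(SAMPLE_LOCK) or ["no indicators found"]:
        print(line)
```

Run it against every package-lock.json in a repository or CI cache; yarn.lock users still need the grep above, since this scanner reads npm's JSON format only.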
