Axios npm Package Compromised in Supply Chain Attack Delivering Cross-Platform RAT
The Axios npm package was compromised on March 31, 2026, via a maintainer account takeover, with malicious versions deploying a cross-platform RAT on Windows, macOS, and Linux.

On March 31, 2026, the widely used Axios npm package was compromised in a supply chain attack that published two malicious versions — axios@1.14.1 and axios@0.30.4 — each embedding a hidden dependency called plain-crypto-js@4.2.1. The malicious package executes a post-install script that deploys a cross-platform Remote Access Trojan (RAT) on Windows, macOS, and Linux systems, giving attackers full remote control over infected developer machines.
The attack was carried out through a maintainer account takeover, a technique that has become increasingly common in the open-source ecosystem. By compromising a legitimate maintainer's credentials, the attackers were able to push malicious code directly to the npm registry under the trusted Axios namespace. The hidden dependency, plain-crypto-js, was designed to evade casual inspection by mimicking a legitimate cryptographic utility library.
Once installed, the RAT provides attackers with capabilities including file exfiltration, keystroke logging, credential theft, and remote command execution. Because the malicious code runs during the npm install process via the post-install script, any developer machine or CI/CD pipeline that installed one of the malicious versions would have run the payload at install time, with no further user action required. The attack affects all users who installed either of the two malicious versions before they were identified and removed.
Fortinet PSIRT, which disclosed the incident, confirmed that none of its own products were impacted by the supply chain attack. The disclosure timeline shows that the compromise occurred on March 31, 2026, with Fortinet publishing its advisory on April 14, 2026. The npm registry has since removed the malicious versions, but users who installed them should treat their systems as compromised and rotate all credentials, API keys, and secrets that may have been exposed.
This incident is the latest in a string of high-profile npm supply chain attacks, following compromises of packages such as node-ipc, TanStack, and others. The open-source software supply chain remains a prime target for attackers because a single compromised package can cascade across thousands of downstream projects. Developers are urged to audit their dependencies, enable two-factor authentication on package registry accounts, and consider using lock files and integrity verification tools to detect unauthorized changes.
The Axios compromise underscores the persistent risk of maintainer account takeovers in the npm ecosystem. While the registry has implemented measures such as mandatory two-factor authentication for popular packages, attackers continue to find ways to bypass these protections. Organizations that rely on Axios should immediately check their dependency trees for the affected versions and follow incident response procedures if any installations are found.