Axios NPM Distribution Compromised in Supply Chain Attack
A compromised axios maintainer account led to malicious npm releases affecting projects with active dependencies on the package. The incident involved unauthorized releases propagated through the npm distribution network.
- Disclosed: March 31, 2026
- Last updated: June 7, 2026
- Blast radius: axios npm package and all projects with active dependencies
- Ecosystems
- Attack vectors
- Threat actor
- Affected entities: axios
A compromised axios maintainer account led to malicious npm releases that propagated across environments. According to the report, the attacker gained control of an axios maintainer account and used it to publish unauthorized malicious versions to npm.
The malicious releases reached projects with active dependencies on axios, creating a broad attack surface across the JavaScript ecosystem. The specific technical details of the payload and the exact versions affected are not provided in this source text.
Detection and remediation guidance has been published by Wiz to help organizations assess impact, detect compromise, and secure their development workflows. Organizations using axios should review their dependency versions and apply security patches.
Remediation
- Review all axios dependencies and identify currently installed versions
- Update axios to the latest patched version from npm
- Audit project logs for evidence of code execution from malicious axios releases
- Implement dependency integrity checking and lock file verification
- Enable account security features for npm maintainer accounts including 2FA
- Review and revoke any suspicious API tokens or credentials
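One way to carry out the version review and lock file verification items above for an npm project, as an added example that is not from this entry or its sources: it lists every axios copy recorded in a parsed package-lock.json and flags missing integrity hashes or unexpected download locations. The denylist is a placeholder because this entry names no affected versions; the function names, the sample lockfile and the registry URL are assumptions.

```javascript
// Added example: audit every axios entry in a parsed package-lock.json.
// DENYLIST is a placeholder: this entry lists no affected versions, so fill it
// from the vendor advisory you are following.
const DENYLIST = new Set(["0.0.0-PLACEHOLDER"]);
const REGISTRY = "https://registry.npmjs.org/"; // assumption: default public registry

// Collect {path, version, resolved, integrity, ...} for each axios copy.
function findAxios(lock) {
  const found = [];
  if (lock.packages) {                       // lockfileVersion 2 and 3: flat map
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "node_modules/axios" || path.endsWith("/node_modules/axios")) {
        found.push({ path, ...meta });
      }
    }
    return found;
  }
  const walk = (deps, prefix) => {           // lockfileVersion 1: nested tree
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === "axios") found.push({ path, ...meta });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return found;
}

// Return one finding per axios copy, including transitive (nested) copies.
function auditAxios(lock, denylist = DENYLIST) {
  return findAxios(lock).map(({ path, version, resolved, integrity }) => {
    const issues = [];
    if (denylist.has(version)) issues.push("version on denylist");
    if (!integrity) issues.push("no integrity hash");
    else if (!integrity.includes("sha512-")) issues.push("integrity is not sha512");
    if (!resolved || !resolved.startsWith(REGISTRY)) issues.push("resolved outside expected registry");
    return { path, version, issues };
  });
}

// Constructed sample lockfile (versions, hash and mirror URL are made up).
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/axios": { version: "9.9.1", resolved: REGISTRY + "axios/-/axios-9.9.1.tgz", integrity: "sha512-CONSTRUCTED" },
  "node_modules/sdk/node_modules/axios": { version: "9.9.2", resolved: "https://mirror.example/axios-9.9.2.tgz" },
} };

console.log(JSON.stringify(auditAxios(sampleLock, new Set(["9.9.2"])), null, 2));
```

To run it against a real project, pass the result of `JSON.parse` on the project's package-lock.json to `auditAxios` together with the versions named in the advisory being followed.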
Sources
- Axios NPM Distribution Compromised in Supply Chain Attack · Wiz
- North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack · Google Threat Intelligence Group
Cite this entry
"Axios NPM Distribution Compromised in Supply Chain Attack." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed March 31, 2026; last updated June 7, 2026. https://supplychainattack.org/incident/axios-npm-distribution-compromised-in-supply-chain-attack-81wu4e
Related incidents
- Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents (contained, critical)
  On June 5, 2026, the Miasma worm campaign compromised Microsoft's Azure GitHub organizations by pushing a malicious commit to the Azure/durabletask repository using a compromised contributor account. GitHub disabled 73 repositories across four Microsoft organizations after configuration files were planted to harvest credentials when developers opened repositories in AI coding agents like Claude Code, Gemini CLI, Cursor, or VS Code.
  Tags: Miasma, AI agents & skills, Malicious commit, Account takeover
- Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets (contained, critical)
  On May 22, 2026, an attacker with push access to the Laravel-Lang GitHub organization rewrote git tags across multiple Composer packages to distribute malicious payloads that exfiltrate CI secrets. The attack affected laravel-lang/http-statuses, laravel-lang/actions, and laravel-lang/attributes, targeting developers who ran composer update or fresh installations.
  Tags: Other, Account takeover, Malicious commit
- Six Accounts, One Actor: Inside the prt-scan Supply Chain Campaign (active, high)
  A coordinated supply chain campaign dubbed "prt-scan" involved a single attacker controlling six GitHub accounts to exploit the pull_request_target GitHub Actions trigger. The campaign represents a follow-up to the earlier hackerbot-claw campaign, targeting CI/CD workflows with AI-powered attack methods.
  Tags: prt-scan, Other, Malicious commit, Account takeover
- xygeni-action Compromised: C2 Reverse Shell Backdoor Injected via Tag Poisoning (contained, critical)
  The official Xygeni GitHub Action (xygeni-action) was compromised on March 3, 2026, via stolen maintainer credentials. An attacker injected a C2 reverse shell backdoor and moved the mutable v5 tag to the malicious commit, silently affecting all workflows referencing @v5. The v5 tag remained poisoned as of March 9, 2026.
  Tags: Other, Account takeover, Malicious commit