The Axios library was attacked through a supply chain, with hackers using stolen npm tokens to implant a remote trojan, affecting about 80% of cloud environments

By: rootdata|2026/04/02 05:48:26
0
Share
copy

The attacker stole the npm access token of the chief maintainer of Axios, the most popular HTTP client library for JavaScript, and used that token to publish two malicious versions containing cross-platform remote access trojans (RATs) (axios@1.14.1 and axios@0.3.4), targeting macOS, Windows, and Linux systems. The malicious packages were removed from the npm registry about 3 hours after being published.

According to data from security company Wiz, Axios is downloaded over 100 million times weekly and exists in about 80% of cloud and code environments. Security company Huntress detected the first infections just 89 seconds after the malicious packages went live and confirmed that at least 135 systems were compromised during the exposure window. Notably, the Axios project had previously deployed modern security measures such as OIDC trusted publishing mechanisms and SLSA provenance proofs, but the attacker completely bypassed these defenses. Investigations revealed that while configuring OIDC, the project retained the traditional long-lived NPM_TOKEN, and npm defaults to using the traditional token when both coexist, allowing the attacker to publish without breaching OIDC.

You may also like

The impact of OUSD on Circle, Tether, and Paxos: not a single negative factor, but a more complex reshaping of competition

OUSD will not be the last new competitor; Circle needs to respond more actively in terms of products, distribution, and ecosystem collaboration.

Li Feifei's latest long article: When video generation, robots, and NVIDIA all claim to be world models, we need a taxonomy

Language gives machines a way to talk about the world. The world model is the means by which machines ultimately understand, imagine, reason, and interact with it.

Blaming the desolation of the cryptocurrency world on the rise of AI is a form of intellectual laziness

The emergence of giants signifies a mature business model. Although it will reduce speculative space, there is also enough room for error, allowing for the continuous emergence of new forces.

Strategy Founder: The Next 10 Years of Bitcoin

In the next decade, the biggest evolution of Bitcoin is precisely "responding to change with invariance." The four-year cycle is giving way to capital flows such as ETFs, corporate and sovereign reserves, and bank credit, while digital credit and digital currency will grow layer upon layer on top of...

Forbes Special Report: Stablecoin cross-border payments are faster now, but not cheaper yet

Cross-border payments using stablecoins are rapidly expanding, bringing speed and accessibility, but due to insufficient institutional liquidity, they have not yet delivered on their promised cost savings. The technology has been validated, and regulations are improving, but the industry has not yet...

A valuation of 8 billion dollars, doubling in 8 months! What makes the crypto-friendly bank Erebor Bank stand out?

Erebor is a high-profile experiment taking place at the intersection of banking, cryptocurrency, and industrial policy.

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com