Axios supply-chain breach delivers cross-platform RAT through fake dependency

Axios was hit by a supply-chain attack after attackers used compromised maintainer credentials to publish axios v1.14.1 and v0.30.4, which inject the fake dependency plain-crypto-js. The postinstall script in that dependency drops a cross-platform RAT on macOS, Windows, and Linux, contacting a C2 server and delivering platform-specific payloads before self-deleting. Users should downgrade to 1.14.0 or 0.30.3, rotate credentials, remove plain-crypto-js from node_modules, audit CI/CD for the affected installs, and block egress to the C2 domain sfrclak.com. Axios itself wasn’t modified; the malicious behavior resided entirely in a transitive dependency, with additional vendored packages also distributing the malware.
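To audit a project for the affected installs named above, the following added example (not code from the article or from the axios project) scans the text of an npm lockfile for axios 1.14.1 or 0.30.4 and for any plain-crypto-js entry, including nested transitive copies. The function names and the sample lockfile are constructed for illustration, and the plain-crypto-js version in the sample is a placeholder.

```javascript
// Added example (not from the article): flag lockfile entries matching the advisory.
const BAD_AXIOS = new Set(["1.14.1", "0.30.4"]); // malicious releases named above
const FAKE_DEP = "plain-crypto-js";              // injected dependency named above

// "node_modules/a/node_modules/@s/b" -> "@s/b" (lockfile v2/v3 "packages" keys)
function nameFromPath(path) {
  const marker = "node_modules/";
  const i = path.lastIndexOf(marker);
  return i === -1 ? path : path.slice(i + marker.length);
}

function classify(name, version, where) {
  if (name === "axios" && BAD_AXIOS.has(version))
    return { name, version, where, reason: "malicious axios release" };
  if (name === FAKE_DEP)
    return { name, version, where, reason: "injected fake dependency" };
  return null;
}

// Lockfile v1 nests installs under "dependencies"; recurse to reach transitive copies.
function walkV1(deps, trail, out) {
  for (const [name, info] of Object.entries(deps || {})) {
    const hit = classify(name, info.version, [...trail, name].join(" > "));
    if (hit) out.push(hit);
    walkV1(info.dependencies, [...trail, name], out);
  }
}

function auditLockfile(text) {
  const lock = JSON.parse(text);
  const out = [];
  if (lock.packages) { // v2/v3: flat map keyed by install path
    for (const [path, info] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry, not an installed package
      const hit = classify(info.name || nameFromPath(path), info.version, path);
      if (hit) out.push(hit);
    }
  } else {
    walkV1(lock.dependencies, [], out);
  }
  return out;
}

// Constructed sample lockfile; the plain-crypto-js version is a placeholder.
const SAMPLE_LOCK = JSON.stringify({ lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/axios": { version: "1.14.1" },
  "node_modules/plain-crypto-js": { version: "0.0.0-placeholder" },
  "node_modules/sdk/node_modules/axios": { version: "1.14.0" },
}});
console.log(auditLockfile(SAMPLE_LOCK));
```

A clean lockfile today does not prove a CI runner never installed the bad versions, so run the same check against lockfiles and build caches from the exposure window as well.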
- Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account (The Hacker News)
- axios Compromised on npm - Malicious Versions Drop Remote Access Trojan (StepSecurity)
- Axios Software Tool Used by Millions Compromised in Hack (Bloomberg.com)
- Axios npm Hijack 2026: Everything You Need to Know – IOCs, Impact & Remediation (SOCRadar® Cyber Intelligence Inc.)
- Axios NPM Distribution Compromised in Supply Chain Attack (wiz.io)