THREATOPS
THREAT OPSThreat News › Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

infosnykPublished 2026-03-30

Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injecting a hidden dependency that deploys a cross-platform remote access trojan. Here's what happened, who's affected, and how to check your exposure.

Original source: https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/