惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
C
CERT Recently Published Vulnerability Notes
P
Proofpoint News Feed
Y
Y Combinator Blog
T
The Blog of Author Tim Ferriss
云风的 BLOG
云风的 BLOG
H
Help Net Security
Recorded Future
Recorded Future
The Register - Security
The Register - Security
F
Full Disclosure
N
Netflix TechBlog - Medium
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hackread – Cybersecurity News, Data Breaches, AI and More
爱范儿
爱范儿
Security Archives - TechRepublic
Security Archives - TechRepublic
Simon Willison's Weblog
Simon Willison's Weblog
Cisco Talos Blog
Cisco Talos Blog
I
InfoQ
T
Tenable Blog
T
Tor Project blog
人人都是产品经理
人人都是产品经理
D
DataBreaches.Net
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
博客园 - 叶小钗
B
Blog
V
V2EX
Jina AI
Jina AI
L
LangChain Blog
月光博客
月光博客
W
WeLiveSecurity
U
Unit 42
AWS News Blog
AWS News Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园 - 聂微东
V
Visual Studio Blog
A
Arctic Wolf
T
Tailwind CSS Blog
The Cloudflare Blog
SecWiki News
SecWiki News
S
SegmentFault 最新的问题
Hacker News - Newest:
Hacker News - Newest: "LLM"
宝玉的分享
宝玉的分享
MyScale Blog
MyScale Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
S
Securelist
www.infosecurity-magazine.com
www.infosecurity-magazine.com
腾讯CDC
雷峰网
雷峰网

Tenable Blog

July 2026 Patch Tuesday: Largest Patch Tuesday 569 CVEs FedRAMP High, IL5, and zero trust: How federal agencies can secure cloud environments OMB M-26-14: Why federal agencies must fix asset visibility first CISO’s guide to CISA BOD 26-04 and risk-based security metrics for vulnerability management How much cyber risk does AI create for organizations? 457 million security issues. Here’s what you can do about it. The Developer Credential Economy: An inside look at the Miasma worm campaign Oracle Critical Security Patch Update June 2026 | Tenable® How Tenable helps federal agencies comply with CISA BOD 26-04 Get critical cyber risk context: Understanding control validation, CTEM & Tenable One CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507) The June 2026 AI Executive Order: What federal agencies need to know and how Tenable can help Tenable joins Anthropic’s Project Glasswing to advance AI-era cyber defense Tenable CTO Vlad Korsunsky Q&A: Countering AI threat multipliers with AI-powered exposure management | Tenable CTO Q&A: C-suite views AI as massive threat, as cyber teams adopt exposure management to counter AI attacks Oracle May 2026 Critical Security Patch Update Addresses 35 CVEs Download pumping: New npm deception technique for supply chain attacks Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect EXPOSURE 2026 prepares cybersecurity professionals for the AI era Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004) Tenable One deepens third-party integrations with new Open Connector for unified risk visibility Implement agentic AI in cybersecurity with Tenable Hexa AI: Reduce cyber risk at machine speed Key findings from the Verizon DBIR 2026: Slower vulnerability remediation meets faster exploitation Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182) Bring out your dead: How agentic AI for cybersecurity helps you rid your cloud of forgotten, risky assets Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation Securing data centers in the agentic AI era Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103) Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain Why the approaching flood of vulnerabilities changes everything — and what to do about it The AI-vs-AI battle is already happening. Watch it live at EXPOSURE 2026. Anthropic’s CEO warns the “moment of danger” is real. But most are looking in the wrong place. Security for AI: A strategic framework for closing the AI exposure gap Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AI Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability Mastering agentic AI security through exposure management As the NVD scales back CVE enrichment, here’s what Tenable customers need to know Five steps to become Mythos ready Oracle April 2026 Critical Patch Update Addresses 241 CVEs Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching Unlocking foundational visibility for cyber-physical systems with OT vulnerability management Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201) Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild The developer credential economy: Why exposure data is the new front line in the supply chain war Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069 What’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protection Uncover prompt injection, insider threats with the Tenable One Model Refusal Detection Security for AI: A guide to managing the risks of vibe coding and AI in software development Meet Tenable Hexa AI: Agentic AI for exposure management
Supply chain attack on Axios npm package: Scope, impact, and remediations
2026-03-31 · via Tenable Blog

The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API keys. Scan your environment now. 

Key takeaways

  1. This incident is a confirmed supply chain attack. The presence of malicious Axios versions (1.14.1 or 0.30.4) signifies a confirmed security breach rather than a potential risk. Organizations must move beyond “patching” and initiate full incident response playbooks for any host where these packages are detected.
     
  2. If affected, organizations must immediately quarantine hosts, apply incident response playbooks, and rotate all exposed secrets. In the last supply chain attacks we observed, attackers were very quick to abuse any exposed secrets, credentials, or API keys, usually abusing them a couple of hours after leakage. This highlights how short the window is for response for defenders.
     
  3. Because these attacks will keep happening, passive defense is insufficient. Organizations must implement strict security measures — such as minimum package age policies, pinning dependencies, auditing lockfiles, and actively scanning environments — to protect against the next inevitable supply chain compromise.

Introduction: Axios supply chain compromise 

A critical software supply chain attack compromised “Axios,” a highly popular npm package with over 100 million weekly downloads, commonly used as a promise-based HTTP client for the browser and Node.js. 

Attackers successfully hijacked a maintainer account and embedded a hidden, malicious dependency into two newly published versions of Axios. The attacker injected a malicious package called “plain-crypto-js” into the dependency tree of the Axios package. The package “plain-crypto-js” utilized a postinstall script to execute a remote access trojan (RAT) dropper during the installation process.

Because the embedded malware executes immediately upon installation of this highly popular NPM package, the scope of this breach is potentially massive. Any environment that downloaded these compromised versions of Axios is at risk of severe data theft, including the loss of credentials and API keys.

For additional information on this compromise, see our follow-up blog: Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

See how recent supply chain attacks are creating a black market for highly privileged developer credentials.

Frequently asked questions (FAQs) about Axios supply chain attack

When was the Axios npm package first compromised?

The first malicious versions of Axios were uploaded on March 31, 2026 at 1 AM UTC.

What happened? What did threat actors do? 

Attackers hijacked the npm account of Axios’s lead maintainer and published two malicious versions of the Axios package: version “1.14.1” and version “0.30.4”.

Rather than altering Axios’s source code, they added “[email protected]” as a dependency for the Axios package.

Installing “plain-crypto-js” automatically executes a double-obfuscated Node.js dropper (setup.js) using npm’s postinstall lifecycle hook. “postinstall” hooks can be used to execute code during the installation process. This is a very common technique used by malicious npm packages that we expect to see more and more in the future.

Once deobfuscated, the dropper identified the victim’s host operating system and reached out to the attacker’s command and control (C2) server (sfrclak[.]com:8000) to pull a second-stage payload.

The second stage payload is a RAT tailored to the OS, supporting MacOS, Windows, and Linux.

Has the Axios developer addressed this issue?

All of the malicious versions of Axios have been removed from the public registry. It is now safe to install new versions of Axios.

How can I tell if I’m running malicious versions of Axios? 

To determine if you are affected, scan your environment for the presence of the malicious versions of the affected packages. Look specifically for versions 1.14.1 and 0.30.4 and these other indicators of compromise (IOCs):

NameIOC
Infected PackageName: “Axios”
Version: “1.14.1”
Infected PackageName: “Axios”
Version: “0.30.4”
Infected Package

Name: “plain-crypto-js”

Version : all

SHA256 of Javascript dropper named “setup.js”e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09
Attacker C2 Domainsfrclak[.]com

The presence of the vulnerable versions in the filesystem likely means that it was installed using the npm package manager, and therefore, infected the relevant host. 

That’s why you should treat any system where you find malicious versions of Axios as fully compromised and immediately implement relevant incident response and containment playbooks.

If affected, organizations must immediately quarantine hosts, apply incident response playbooks, and rotate all exposed secrets. In the last supply chain attacks we observed, attackers were very quick to abuse any exposed secrets, credentials, or API keys, usually abusing them a couple of hours after leakage. This highlights how short the window is for response for defenders.

Because these attacks will keep happening, passive defense is insufficient. Organizations must implement strict security measures — such as minimum package age policies, pinning dependencies, auditing lockfiles, and actively scanning environments — to protect against the next inevitable supply chain compromise.

How can Tenable help me address the supply chain attack on the Axios npm package? 

Tenable One continuously, automatically, and proactively detects the malicious versions of Axios across both on-premises and cloud environments.

Tenable Nessus and Tenable Cloud Security, both part of the Tenable One Exposure Management platform, continuously monitor for new indicators of compromise (IOCs) and track research associated with this evolving campaign.

A list of Tenable plugins to identify the malicious package will appear here as soon as they're released:

Tenable Cloud Security classifies affected packages as malicious. Detected packages will appear in your Tenable console environment the next time data is synced.

For more information on remediations, see our follow-up blog: Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

Conclusion

This security incident affecting the Axios npm package is a critical reminder that massive software supply chain attacks remain a recurring threat. Threat actors continuously exploit the trust in open source ecosystems to get around organizations’ traditional, perimeter-based security controls and deliver malicious software at scale.

Ron Popov

Ron Popov

Senior Security Researcher, Tenable

Ron Popov is a Senior Security Researcher at Tenable Research with over 7 years of experience, including deep knowledge of network security and on-prem networks. Currently, he focuses on researching and securing cloud environments in various fields, including identity security, vulnerability management, supply chain attacks and much more.