💼Stalecollected in 31m

Axios npm Hit by Trojan Supply Chain Attack

Axios npm Hit by Trojan Supply Chain Attack
PostLinkedIn
💼Read original on VentureBeat

💡Top JS lib (100M/wk dl) supply chain hacked—audit your deps & CI/CD now (80% envs hit)

⚡ 30-Second TL;DR

What Changed

Stolen long-lived npm token enabled CLI publish of poisoned axios 1.6.3 and 1.7.1 without touching source code.

Why It Matters

Exposes widespread risk in open-source dependencies used in AI apps, CI/CD, and frontends. Forces reevaluation of token hygiene despite SLSA/OIDC adoption. Likely prompts npm policy changes and tool scans.

What To Do Next

Scan your projects for axios versions 1.6.3/1.7.1 and rotate all long-lived npm tokens immediately.

Who should care:Developers & AI Engineers

Key Points

  • Stolen long-lived npm token enabled CLI publish of poisoned axios 1.6.3 and 1.7.1 without touching source code.
  • Malicious dependency plain-crypto-js@4.2.1 runs postinstall script dropping self-erasing RAT on dev machines.
  • Huntress detected infections 89 seconds post-publish; affects 100M+ weekly downloads in 80% of cloud/code envs.
  • Attacker pre-staged clean package and bypassed GitHub CI/CD as npm prioritized token over OIDC.

🧠 Deep Insight

AI-generated analysis for this event.

🔑 Enhanced Key Takeaways

  • The attack utilized a 'dependency confusion' variant where the malicious plain-crypto-js package was registered on the public npm registry to shadow internal or expected naming conventions, tricking the axios build process.
  • Post-incident analysis revealed the attacker leveraged a compromised developer machine's environment variables to extract the long-lived npm token, highlighting the vulnerability of local development environments compared to ephemeral CI/CD tokens.
  • npm's security team has since accelerated the deprecation timeline for long-lived tokens, mandating the use of scoped, short-lived tokens with restricted permissions for all maintainers of packages with over 1 million weekly downloads.

🛠️ Technical Deep Dive

  • The RAT (Remote Access Trojan) utilized a multi-stage payload: the initial postinstall script was a heavily obfuscated JavaScript snippet that performed environment fingerprinting.
  • Upon successful fingerprinting, the script fetched a secondary binary from a compromised CDN, which was executed in memory using a fileless technique to evade disk-based antivirus scanners.
  • The RAT established persistence by modifying shell configuration files (.zshrc, .bashrc) to execute a hidden background process upon terminal initialization, ensuring cross-platform coverage.
  • Communication with the Command and Control (C2) server was performed over encrypted WebSockets, mimicking legitimate traffic patterns to bypass standard network egress filtering.

🔮 Future ImplicationsAI analysis grounded in cited sources

npm will mandate OIDC-based authentication for all high-traffic packages by Q4 2026.
The bypass of CI/CD controls via token-based CLI publishing has created significant pressure for npm to enforce non-interactive, identity-based publishing workflows.
Automated supply chain security scanning will become a mandatory step in the npm publish pipeline.
The speed of detection by third-party tools like Huntress has exposed the inadequacy of current native npm registry security checks for malicious code injection.

Timeline

2023-09
Axios maintainers implement initial 2FA requirements for package publishing.
2024-11
npm introduces support for OIDC-based publishing to replace long-lived tokens.
2026-04
Axios npm account compromised via stolen long-lived token, leading to malicious versions 1.6.3 and 1.7.1.
📰

Weekly AI Recap

Read this week's curated digest of top AI events →

👉Related Updates

AI-curated news aggregator. All content rights belong to original publishers.
Original source: VentureBeat