First reported by Datadog
Compromised axios npm package delivers cross-platform RAT
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
3mo agoen
Source
SnykAxios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RATsnyk.ioMeta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injecting a hidden dependency that deploys a cross-platform remote access trojan. Here's what happened, who's affected, and how to check your exposure.
You might also wanna read
Compromised axios npm package delivers cross-platform RAT
Datadog·3mo ago
axios npm Package Compromised: Versions 1.14.1 and 0.30.4 Contain RAT Malware
axios versions 1.14.1 and 0.30.4 were compromised on npm between March 30-31, 2026, with a malicious dependency that drops a remote access t
cstu.io·24d agoAxios attack: How a compromised npm package delivered RAT malware
ThreatLocker·12d ago
NPM supply chain attack compromises popular packages, posing widespread security risk
A significant supply chain attack on the NPM package ecosystem compromised several popular packages, potentially allowing malicious code to

September 2025 NPM supply-chain attack compromises popular JavaScript packages
In September 2025, a coordinated software supply-chain attack targeted multiple popular NPM packages in the JavaScript ecosystem. The attack
projectptixiakis.github.io·1mo ago
Microsoft uncovers npm supply chain attack stealing cloud and CI/CD credentials via typosquatted packages
Microsoft identified an active supply chain attack (Mini Shai-Hulud campaign) targeting the npm package ecosystem. On May 28, 2026, a threat
microsoft.com·1mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.