Axios npm Supply Chain Attack: North Korean Hackers Compromise 100M Weekly Downloads

TL;DR

  • North Korean threat group UNC1069 compromised the axios npm package — one of the most depended-upon JavaScript libraries with over 100 million weekly downloads — by hijacking the lead maintainer's npm account.
  • Malicious versions deployed a multi-stage remote access trojan (RAT) with backdoor capabilities resembling the WAVESHAPER malware family previously linked to fake Zoom installer campaigns.
  • Legitimate maintainers could not revoke the attacker's access because the hijacked account held higher permissions than their own, delaying remediation.
  • Socket and StepSecurity independently confirmed the malicious packages. Every organization running Node.js applications needs to audit their axios dependency immediately.

What Happened to the Axios npm Package?

Axios is a promise-based HTTP client for JavaScript with over 100 million weekly downloads, sitting in the dependency tree of countless production applications [1].

In late March 2026, attackers compromised the npm account of the lead axios maintainer and published versions containing a multi-stage malware payload. Because the compromised account held the highest publishing permissions, other maintainers could not revoke access or unpublish the tainted versions, a structural gap in npm's permission model that delayed remediation [2].

Google's Threat Intelligence Group attributed the attack to UNC1069, a North Korean financially motivated group [3]. Socket and StepSecurity independently confirmed malicious code in the affected versions [4][5].

How Did the Attackers Get In?

The attack started with compromising a single npm account. UNC1069 has a documented history of credential phishing, social engineering, and token theft to access developer accounts [3][6].

With full publishing rights, the attackers pushed updates containing an obfuscated first-stage loader that contacted attacker-controlled infrastructure to fetch the second-stage payload: a RAT with keylogging, file exfiltration, and command execution capabilities [4]. Google researchers noted the RAT closely resembles WAVESHAPER, malware UNC1069 deployed through trojanized Zoom installers in late 2025 [3].

Why Is This So Damaging?

Supply chain attack impact scales with the compromised package's reach. When npm install pulls a malicious axios version, the payload can run at install time, through a lifecycle script such as postinstall, or at runtime as soon as the module is loaded; either way it executes with the privileges of whoever ran the install. The blast radius includes:

  • CI/CD pipelines installing dependencies during builds, exposing secrets, deployment keys, and cloud credentials.
  • Production servers pulling fresh dependencies, granting persistent access to running infrastructure.
  • Developer workstations where npm install is routine, creating entry points into corporate networks.

The permission hierarchy issue compounded the damage window — the hijacked owner account had privileges subordinate maintainers could not override [2].

What Should Your Business Do Right Now?

Audit your dependency tree. Run npm ls axios in every Node.js project; it lists every copy in the tree, including copies pulled in transitively and nested under other dependencies, so read the whole output rather than just the top-level entry. Check package-lock.json as well, because npm ls reports what is currently in node_modules, not what a fresh install would fetch. Cross-reference with the known-malicious version list published by Socket [4]. If you find an affected version, treat the environment as potentially compromised.

Pin and lock dependencies. Use package-lock.json or npm-shrinkwrap.json to lock exact versions, and install with npm ci in CI so the build fails instead of silently updating when the lockfile and package.json disagree. Two caveats: a lockfile freezes whatever was current when it was last regenerated, so a lockfile updated during the attack window will faithfully pin the malicious version; and a lockfile does nothing about lifecycle scripts, so consider npm ci --ignore-scripts where your dependencies do not rely on them (native add-ons commonly do). Use npm audit alongside third-party tools like Socket, Snyk, or Dependabot to detect supply chain anomalies before they reach production [7].

Implement package provenance verification. npm supports provenance attestations through Sigstore, which cryptographically link a published tarball to the source repository and the CI workflow that built it. An attacker holding only a stolen npm token cannot produce an attestation tied to the project's CI, but can still publish a version with no attestation at all, so the control only helps if consumers check for it: run npm audit signatures to verify registry signatures and provenance attestations for installed packages, and treat a previously attested package that suddenly ships without provenance as a red flag [8].

Rotate credentials and secrets. If any environment installed a malicious version, assume that environment variables, API keys, and tokens accessible to the Node.js process have been exfiltrated, along with credential files that process could read, such as .npmrc auth tokens, SSH keys, and cloud CLI credential files. Rotate all of them, and revoke the old values rather than only issuing new ones.

Review npm account security. Ensure all maintainer accounts use MFA (a hardware key or passkey rather than SMS), require two-factor authentication for publishing, audit who holds publish access, and replace long-lived classic tokens with granular access tokens scoped to specific packages and given an expiry [9].

Evaluate software composition analysis (SCA). Continuous dependency monitoring costs a fraction of the incident response triggered by a supply chain compromise.

How Does This Fit Into the Larger Supply Chain Threat Landscape?

The axios compromise follows an accelerating pattern: state-sponsored groups targeting open source supply chains as high-leverage attack vectors. A single compromised package propagates access to thousands of organizations simultaneously [10].

NIST's SSDF and CISA's supply chain guidance both emphasize dependency integrity verification and provenance tracking [11][12]. For businesses relying on open source, the takeaway is not to abandon it — but to treat dependency management with the same rigor applied to any third-party vendor relationship.

FAQ

How do I check whether my project is affected?

Run npm ls axios in your project directory to see the installed version. Compare it against the list of compromised versions published by Socket and StepSecurity. If you use a lockfile (and you should), the version is pinned there as well. Running npm audit may also flag known-malicious versions.

Is it safe to use axios again?

The malicious versions have been removed from the npm registry, and clean versions are available. However, you should verify that your installed version matches a known-clean release and that your lockfile reflects the correct version. Monitor the axios GitHub repository and npm advisory database for ongoing updates.

Could this happen to other packages?

Yes. Any package where a maintainer account is compromised can become a vector for supply chain attacks. This is not unique to axios; it is a structural risk of centralized package registries. Using provenance verification, lockfiles, and SCA tooling reduces your exposure across all dependencies.

Who is UNC1069?

UNC1069 is a threat group attributed to North Korea by Google's Threat Intelligence Group. The group is financially motivated, targeting cryptocurrency platforms, developer infrastructure, and software supply chains. They have been linked to the WAVESHAPER malware family and previous campaigns involving trojanized developer tools.

Should we stop using open source?

No. Open source software is foundational to modern development and provides significant value. The appropriate response is to implement controls (dependency pinning, SCA tooling, provenance verification, and regular audits) that manage supply chain risk without abandoning the ecosystem.


Your software supply chain is part of your attack surface. If you need help auditing your dependencies and building resilience against supply chain threats, schedule a consultation with lilMONSTER.

References

[1] npm, "axios — npm package page," npmjs.com, 2026. [Online]. Available: https://www.npmjs.com/package/axios

[2] The Hacker News, "Axios npm Package Compromised in Supply Chain Attack Linked to North Korea," The Hacker News, Apr. 2026. [Online]. Available: https://thehackernews.com/2026/04/axios-npm-package-compromised-supply-chain-north-korea.html

[3] Google Threat Intelligence Group, "UNC1069 Targets npm Ecosystem in Supply Chain Campaign," Google Cloud Blog, Apr. 2026. [Online]. Available: https://cloud.google.com/blog/topics/threat-intelligence/unc1069-npm-supply-chain-attack

[4] Socket, "Malicious axios Versions Identified on npm," Socket Security Blog, Mar. 2026. [Online]. Available: https://socket.dev/blog/malicious-axios-versions-npm-2026

[5] StepSecurity, "Axios Supply Chain Attack — Detection and Analysis," StepSecurity Blog, Apr. 2026. [Online]. Available: https://www.stepsecurity.io/blog/axios-supply-chain-attack-analysis-2026

[6] Mandiant, "North Korean Threat Actors Targeting Developer Accounts," Google Cloud Blog, Jan. 2026. [Online]. Available: https://cloud.google.com/blog/topics/threat-intelligence/north-korean-developer-account-targeting

[7] Snyk, "Protecting Against npm Supply Chain Attacks," Snyk Learn, 2026. [Online]. Available: https://snyk.io/learn/npm-supply-chain-security/

[8] npm, "About Package Provenance," npm Documentation, 2026. [Online]. Available: https://docs.npmjs.com/generating-provenance-statements

[9] npm, "Configuring Two-Factor Authentication," npm Documentation, 2026. [Online]. Available: https://docs.npmjs.com/configuring-two-factor-authentication

[10] The Record, "State-Sponsored Supply Chain Attacks on Open Source Accelerate in 2026," The Record by Recorded Future, Mar. 2026. [Online]. Available: https://therecord.media/state-sponsored-supply-chain-attacks-open-source-2026

[11] NIST, "Secure Software Development Framework (SSDF) Version 1.1," National Institute of Standards and Technology, 2022. [Online]. Available: https://csrc.nist.gov/projects/ssdf

[12] CISA, "Defending Against Software Supply Chain Attacks," Cybersecurity and Infrastructure Security Agency, 2024. [Online]. Available: https://www.cisa.gov/software-supply-chain-attacks

Axios npm Supply Chain Attack — Explained Simply

TL;DR

  • Hackers from North Korea snuck spy software into axios, a tool used by millions of programmers.
  • They stole a developer's login key to push bad code into the official package.
  • If your company has a website or app, ask your tech team to check their axios version immediately.

What Happened?

Hackers from North Korea broke into one of the most popular tools programmers use to build websites and apps. The tool is called "axios," and programmers download it more than 100 million times every week. The hackers snuck bad code into it so anyone who downloaded the tool also got a hidden spy program.

What Is a Supply Chain Attack?

Imagine you buy LEGO sets from a store you trust. One day, someone sneaks into the factory and hides a tiny camera inside a brick before it ships. You build your set and never notice, but now someone is watching you. That is a supply chain attack — the bad guys tamper with something you trust before it reaches you, instead of attacking you directly.

How Did the Hackers Get In?

They stole the login key of the person in charge of axios. Think of it like stealing the factory manager's master key. Once they had it, they could change what was inside the package and push it out to everyone.

The worst part: other helpers on the project could not take the key back. The stolen account had more power than theirs — like a vice principal trying to override the principal's keycard.

What Did the Bad Code Do?

The hidden code worked in two steps. First, a small program quietly called the hackers' computers — like a walkie-talkie checking in. Then the hackers sent back a bigger spy program that could read files, record what you type, and control your computer remotely.

What Can You Do?

  • Ask your tech team to check which version of axios is installed and make sure it is a safe one.
  • Use tools that scan for bad packages before they get into your projects.
  • Make sure developers use two-factor authentication (password plus a code from your phone).
  • Watch for security alerts from npm, the store where programmers get their tools.

FAQ

Could this happen with other tools?

Yes. Any tool programmers download could be targeted the same way. Companies need to track what tools they use and scan them regularly.

Does this affect my business?

If your company has a website or app, programmers likely used axios or something like it. Make sure your tech team or IT provider is aware and has checked.

Is axios safe to use now?

The bad versions were removed and clean ones are available. Your team needs to confirm they are using the clean version.

What is a RAT?

RAT stands for Remote Access Trojan, a spy program that lets a hacker control your computer from far away, like a remote-control car except it is your computer.


References

[1] R. Lakshmanan, "North Korean Hackers Compromise npm Supply Chain via Axios Package," The Hacker News, Mar. 2026. [Online]. Available: https://thehackernews.com/2026/03/north-korean-hackers-npm-axios.html

[2] J. Greig, "npm supply chain attack traced to North Korea's UNC1069," The Record by Recorded Future, Mar. 2026. [Online]. Available: https://therecord.media/npm-axios-supply-chain-attack-north-korea

[3] CISA, "Defending Against Software Supply Chain Attacks," Cybersecurity and Infrastructure Security Agency, 2024. [Online]. Available: https://www.cisa.gov/software-supply-chain-attacks

[4] Microsoft, "Analyzing attacks against software supply chains," Microsoft Threat Intelligence, 2025. [Online]. Available: https://www.microsoft.com/en-us/security/blog/threat-intelligence/supply-chain-attacks/


Want to make sure your business is not affected by supply chain attacks like this one? Talk to lilMONSTER about protecting your software and your team.
