North Korean Hackers Compromise Axios npm Package in Major Supply Chain Attack

North Korean state hackers compromised the widely used Axios npm package on March 31, 2026, deploying cross-platform malware during a three-hour window. Learn what a supply chain attack is, why it matters to everyday internet users, and what steps you can take to protect your home network and devices.


Last updated: April 2026 (updated April 4 with post-mortem details)

Key Takeaways

  • On March 31, 2026, North Korean state hackers hijacked the widely used Axios JavaScript library on npm, pushing malware to Windows, macOS, and Linux systems during a roughly three-hour window before the malicious versions were removed.
  • The maintainer's post-mortem confirms the attackers spent weeks building a fake company identity — complete with a cloned Slack workspace and fake employee profiles — before tricking him into installing malware during a staged Microsoft Teams call. Two-factor authentication did not prevent the compromise.
  • Even if you are not a developer, this attack is a reminder that keeping your devices updated, using DNS-level protections, and understanding how software supply chains work are all important steps in protecting your home network.

What Happened With the Axios npm Attack

In the early morning hours of March 31, 2026, attackers compromised the account of the lead maintainer of Axios, one of the most widely used open-source software libraries on the internet. Axios is a JavaScript HTTP client library that applications use to send and receive data over the web. It is downloaded more than 100 million times per week and is present in roughly 80% of cloud-based software environments, according to SecurityWeek.

After hijacking the maintainer's account, the attackers published two poisoned versions of Axios (1.14.1 and 0.30.4) to the npm registry, the main public repository from which developers download JavaScript packages. The tampered versions pulled in a malicious dependency whose code ran automatically during installation and silently installed malware on any system that installed them. The malware carried payloads for Windows, macOS, and Linux, covering virtually every type of computer or server.

The malicious versions were live for approximately three hours before they were detected and pulled down. During that window, roughly 3% of the Axios user base pulled the compromised packages, according to researchers at Wiz. That may sound small, but given the library's massive download volume, it potentially translates to hundreds of thousands of affected systems.

Who Was Behind the Attack

Multiple major cybersecurity firms have attributed this attack to North Korean state-sponsored hackers. Microsoft identified the responsible group as Sapphire Sleet. Google's Threat Intelligence Group linked the attack to a cluster they track as UNC1069, a financially motivated group with deep experience in supply chain attacks and cryptocurrency theft. Sophos connected the compromise to a group they call NICKEL GLADSTONE, which focuses on generating revenue for the North Korean government.

Regardless of which name is used, the consensus across the industry is the same: this was a state-backed operation, not the work of random hackers.

How the Maintainer Was Compromised: Social Engineering, Not Hacking

On April 3, 2026, lead axios maintainer Jason Saayman published a detailed post-mortem on GitHub confirming how the attackers gained access to his account. It was not a password breach, a credential leak, or a technical exploit. It was a weeks-long social engineering campaign designed specifically for him.

Approximately two weeks before the attack, Saayman was contacted by someone masquerading as the founder of a real, well-known company. The attackers had cloned the founder's identity and built a convincing replica of the company itself. They invited Saayman to join a Slack workspace branded with the company's visual identity and named in a plausible manner. Inside the workspace, fake employee profiles populated the member list, including profiles impersonating other open-source maintainers. Dedicated channels shared posts linking to the real company's LinkedIn page, creating the impression of an active, legitimate team.

After establishing rapport over multiple interactions, the attackers scheduled a Microsoft Teams call. When Saayman joined, a fake error message told him that something on his system was out of date, and he installed what appeared to be a Teams update. That "update" was a remote access trojan (RAT), malware that gave the attackers full control of his machine.

Once the RAT was running, the attackers had access to everything on Saayman's computer, including his npm session tokens, stored credentials, and two-factor authentication codes. Saayman confirmed he had 2FA enabled on his npm account, but it made no difference. A second factor protects the act of logging in; it does nothing once an attacker controls the machine where the codes are generated and where already-authenticated sessions and tokens live. The attackers changed his npm account email to an address they controlled and used a long-lived access token to publish the malicious axios versions.

During the attack itself, the attackers used Saayman's account to delete GitHub issues that community members had opened to report the suspicious releases, buying themselves additional time before the malicious versions were pulled. The compromise was ultimately stopped after axios collaborator Dmitriy Mozgovoy reached out directly to npm staff to trigger removal.

Not an Isolated Incident

In the days following the post-mortem, multiple other high-profile npm maintainers confirmed they had been targeted by the same social engineering playbook. Feross Aboukhadijeh, CEO of Socket and creator of WebTorrent and other packages with billions of cumulative downloads, reported being targeted. Jordan Harband, a TC39 member who maintains hundreds of foundational JavaScript packages, confirmed the same. John-David Dalton, creator of Lodash (over 137 million weekly npm downloads), was also targeted. Several Socket engineers reported similar approaches.

Security researcher Taylor Monahan, who has tracked UNC1069 campaigns across the cryptocurrency sector, noted the strategic shift. The group has historically targeted crypto founders, venture capitalists, and high-net-worth individuals through similar social engineering. Pivoting to open-source maintainers represents a dramatic escalation in efficiency: instead of compromising one target at a time to steal from one organization, a single maintainer compromise can deliver malware to millions of downstream systems simultaneously.

Google's Mandiant team has documented UNC1069 using AI-generated video for executive impersonation during calls, and new infrastructure appearing in early April 2026 suggests the group is extending the fake meeting playbook to Slack huddles and other communication platforms.

Saayman outlined several preventive changes in his post-mortem: resetting all devices and credentials across personal and professional accounts, adopting FIDO hardware security keys, switching to immutable release artifacts, and enforcing OIDC-based trusted publishing for all future axios releases. Hardware keys cannot be phished or copied remotely, but on their own they do not stop an attacker who already controls the machine from reusing an existing session or a stored long-lived token, which is exactly what was used here. Trusted publishing closes that gap by replacing stored tokens with short-lived credentials issued to a specific build pipeline for a single release.
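The OIDC-based trusted publishing Saayman mentions is worth seeing concretely. The workflow below is an added illustration, not the axios project's actual release pipeline. It assumes GitHub Actions, that the package's trusted publisher (this repository and this workflow file name) has already been registered on npmjs.com, and that the runner's npm CLI supports trusted publishing. The job stores no npm token anywhere: GitHub issues it a short-lived OIDC identity token at run time, npm checks that token against the registered publisher, and the publish is recorded with provenance.

```yaml
# Added example, not the axios project's own workflow.
# Assumes: GitHub Actions; a trusted publisher for this repo + this file
# registered on npmjs.com; an npm CLI that supports trusted publishing.
name: release

on:
  push:
    tags: ["v*"]

jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write   # lets the job request an OIDC token; nothing else is writable
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      # Skip dependency lifecycle scripts in CI (the hook the Axios attack used).
      # Drop the flag only if your own package genuinely needs a prepare script.
      - run: npm ci --ignore-scripts
      - run: npm test
      # No NODE_AUTH_TOKEN is set: the CLI exchanges the GitHub OIDC token for a
      # one-time publish credential and attaches a provenance attestation.
      - run: npm publish --provenance --access public
```

The remaining step is in the package's settings on npmjs.com: disallow publishing with tokens, so that this pipeline becomes the only release path and a token lifted from a maintainer's laptop is no longer enough to push a release.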

What Is a Supply Chain Attack (and Why Should You Care)

A supply chain attack happens when hackers compromise a trusted piece of software that other software depends on. Instead of attacking you directly, they poison a building block that gets automatically pulled into thousands or millions of other applications.

Think of it like this: if someone tampered with a single widely used ingredient at a food processing plant, every product made with that ingredient would be affected, even if the brands selling the final product had no idea anything was wrong. That is essentially what happened here. The attackers did not need to hack individual companies or users. They just needed to compromise one trusted package, and the normal software update process did the rest.

This matters to everyday internet users because the apps, websites, and online services you use every day are built on layers of open-source software like Axios. When one of those layers gets compromised, the ripple effects can reach anyone.

Related Reading: This is not the first npm security incident to make headlines recently. A leaked source bundle for Anthropic's Claude Code tool raised similar concerns about software supply chain trust. Read: Claude Code Source Leak Raises npm Security Concerns

How the Attack Actually Worked

The attackers staged the operation carefully. About 18 hours before the main attack, they published a seemingly harmless package called "plain-crypto-js" to npm. The next day, they used the hijacked maintainer account to push new Axios versions that listed this fake package as a required dependency.

When any developer or automated system ran a standard install command, the malicious code executed automatically in the background. It contacted an attacker-controlled server, downloaded a platform-specific payload (tailored for macOS, Windows, or Linux), and installed a remote access trojan, which is a type of malware that gives attackers ongoing access to the infected system.

The malware then erased its own installation traces and replaced its configuration file with a clean decoy. A developer inspecting their system after the fact would have found no obvious sign that anything went wrong. According to researchers at StepSecurity, the entire process from installation to full compromise took approximately 15 seconds.

What This Means for Home Network Security

You might be thinking this only affects software developers, but the reality is more complicated. Axios is embedded in web applications, mobile apps, backend services, and automated systems across virtually every industry. If a company you do business with pulled in the compromised version during that three-hour window, their systems could have been affected, and by extension, any data you have stored with them.

Supply chain attacks also highlight why general home network security practices matter. Even though the average person does not install npm packages, the broader lesson applies to everything from your router firmware to the apps on your phone.

The post-mortem also reveals a systemic vulnerability that no technical fix can fully address: the entire npm ecosystem's security ultimately depends on the personal operational security of individual volunteer maintainers. Saayman is an experienced developer who had 2FA enabled and followed standard security practices. It was not enough. The social engineering campaign was professionally executed over weeks, designed to feel unremarkable, and tailored specifically to his profile.

As Feross Aboukhadijeh of Socket put it: this kind of targeted social engineering against individual maintainers is the new normal, and these campaigns are sophisticated, persistent, and accelerating across the ecosystem. When a state-level intelligence operation decides to target the human at the top of a dependency tree, no amount of technical safeguards downstream can prevent the initial compromise. That is why the defensive steps below matter — they limit the blast radius after a trusted source has been compromised.

Deep Dive: Want to understand how leaked source code gets analyzed and why software architecture matters for security? Our breakdown of the Claude Code leak covers how these exposures happen and what they reveal. Read: Claude Code Leak Architecture Analysis

Steps You Can Take to Protect Your Home Network

Keep your router firmware updated. Router manufacturers release firmware updates to patch security vulnerabilities. If your router is running outdated firmware, it may be exposed to known exploits. Log into your router's admin panel periodically and check for available updates, or enable automatic updates if your router supports them.

Use DNS-level protection. Services like Cloudflare's 1.1.1.1 for Families, Quad9, or OpenDNS can block connections to known malicious domains at the network level. In this attack, the malware contacted a specific command-and-control server to fetch its payload. DNS filtering can stop that kind of outbound connection before it reaches the attacker, with two caveats: the domain has to be on the filter's blocklist already, which for a brand-new campaign can lag the attack by hours or days, and the filter only sees connections made by hostname, not ones to a hard-coded IP address. Treat it as one layer, not a guarantee.

Enable automatic updates on all your devices. Whether it is your phone, laptop, smart TV, or any other connected device, keeping software current is one of the simplest and most effective defenses you have.

Use a router with active security features. Some modern routers, such as certain models from Netgear (Armor), TP-Link, and Asus (AiProtection), include built-in threat detection and automatic blocking of suspicious traffic. These features add a useful extra layer of protection at the network level.

Monitor your accounts for unusual activity. After any major breach, it is a good idea to review your online accounts for unexpected logins, password reset emails, or unfamiliar charges. Consider using a password manager and enabling two-factor authentication wherever possible.

Be skeptical of unexpected collaboration requests. The axios compromise started with a social engineering approach that looked entirely professional and legitimate. If someone you do not know invites you to a Slack workspace, schedules a video call, or asks you to install software during a meeting, verify their identity through independent channels before taking any action. This advice applies to everyone, not just software developers.

The Bigger Picture

This Axios compromise is part of a broader pattern. In the weeks leading up to the attack, related campaigns targeted several other widely used open-source tools. Supply chain attacks are becoming more frequent, more sophisticated, and harder to detect. They exploit the trust that the entire software ecosystem is built on.

The post-mortem makes this pattern even more concrete. The same social engineering campaign that compromised Axios targeted maintainers of Lodash, WebTorrent, and other foundational JavaScript packages. North Korean state hackers are not picking targets at random — they are systematically mapping the open-source dependency tree and going after the people who hold the keys to the most impactful packages.

For home users, the takeaway is straightforward: you do not need to understand every technical detail, but you should understand that the software and services you rely on are only as secure as their weakest link. Keeping your own devices and network updated and protected is one of the few things fully within your control.

Frequently Asked Questions

What is the Axios npm supply chain attack?

On March 31, 2026, North Korean state hackers hijacked the account of the lead maintainer of Axios, a popular JavaScript software library with over 100 million weekly downloads. They published poisoned versions that silently installed malware on any system that downloaded them. The malicious versions were live for about three hours before being removed.

How was the axios maintainer's account compromised?

The maintainer confirmed in a post-mortem published April 3, 2026, that he fell victim to a targeted social engineering campaign by UNC1069. The attackers built a fake company identity complete with a cloned Slack workspace and fake employee profiles, and established a relationship with him over approximately two weeks. During a scheduled Microsoft Teams call, a fake error message prompted him to install what appeared to be a software update, which was actually a remote access trojan. Once the malware was running on his machine, the attackers had access to all of his credentials, including his npm authentication tokens and two-factor codes.

What is a supply chain attack in cybersecurity?

A supply chain attack is when hackers compromise a trusted piece of software that other programs depend on. Instead of attacking individual targets directly, they tamper with a shared component so that everyone who uses it gets affected automatically through normal software updates and installations.

Who was behind the Axios hack?

The attack has been attributed to North Korean state-sponsored hackers by multiple major security firms including Microsoft, Google, and Sophos. These groups track the attackers under different names (Sapphire Sleet, UNC1069, NICKEL GLADSTONE), but all agree the operation was state-backed and financially motivated.

Were other npm maintainers targeted by the same campaign?

Yes. In the days following the axios post-mortem, maintainers of several other foundational npm packages — including Lodash, WebTorrent, and various ECMAScript polyfills — confirmed they were targeted by the same social engineering playbook. Security researchers have identified this as a strategic shift by UNC1069, which previously focused on cryptocurrency companies and venture capital targets. The attackers are also reportedly developing new infrastructure to extend the fake meeting approach to Slack huddles and other communication platforms.

Can a supply chain attack affect my home network?

Yes. While supply chain attacks typically target software developers and businesses directly, the downstream effects can reach everyday users. If an app, website, or service you use was built with compromised code, your data could be at risk. This is why keeping your devices updated and using network-level protections like DNS filtering are important habits.

How do I protect my router from cyberattacks?

Keep your router firmware updated, change the default admin password, disable remote management if you do not need it, and use a strong Wi-Fi password with WPA3 or WPA2 encryption. Some modern routers also offer built-in security features that can detect and block malicious traffic automatically.

What is DNS-level protection and how does it help?

DNS-level protection uses a filtering service (like Cloudflare 1.1.1.1 for Families, Quad9, or OpenDNS) to block connections to known malicious websites and servers before your device ever reaches them. You can set this up on your router so that every device on your network benefits from the protection without installing any extra software.

If two-factor authentication did not protect the maintainer, should I still use it?

Yes, absolutely. Two-factor authentication remains one of the most effective defenses for everyday account security. In this specific case, 2FA failed because the attacker had already installed malware on the maintainer's machine, which let them read authentication codes and reuse already-authenticated sessions and tokens in real time. For the vast majority of threats, password leaks, credential stuffing, and phishing links, 2FA provides strong protection. For even stronger defense, consider hardware security keys (like YubiKey or Google Titan): they cannot be phished or copied remotely, although, like any second factor, they cannot protect a session that malware on your own computer is already using.

What should I do if I think my system was affected by the Axios compromise?

If you are a developer who may have installed the compromised versions (Axios 1.14.1 or 0.30.4), security researchers recommend treating that system as compromised. Pin Axios back to a safe version (1.14.0 or 0.30.3), remove the plain-crypto-js package if it is present, and rotate every password, token, and credential that was stored or used on that machine, doing the rotation from a device you trust rather than from the affected one. Check for outbound connections to unfamiliar servers. For everyday users, monitor your online accounts for unusual activity, update all your devices, and consider changing passwords on important accounts as a precaution.

USA-Based Modem & Router Technical Support Expert

Our entirely USA-based team of technicians each have over a decade of experience in assisting with installing modems and routers. We are so excited that you chose us to help you stop paying equipment rental fees to the mega-corporations that supply us with internet service.
