Top NPM package backdoored to drop dirty RAT on dev machines

Supply chain blast: hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios

Carly Page, The Register (CSO), Tue 31 Mar 2026 // 10:29 UTC (Updated)

One of npm's most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer's account and slipped a remote-access trojan (RAT) into two seemingly legitimate axios releases, in what's being described as "one of the most impactful npm supply chain attacks on record."

The poisoned versions, "[email protected]" and "[email protected]," made it onto the npm registry before being yanked, though not before some unlucky devs and CI pipelines pulled them in. Rather than tampering with axios's own code, the intruders took a subtler route, slipping in a dependency that had no business being there and no role in the library's functionality.

Axios is a widely used JavaScript HTTP client that developers rely on to send requests between applications and web services. It's embedded in everything from front-end apps to back-end systems and racks up around 100 million downloads each week, meaning even a short-lived compromise can spread quickly.

The releases didn't come through the project's usual build process either. Security firm StepSecurity found that both versions were published via the compromised npm account of "jasonsaayman," the project's primary maintainer, who was reportedly locked out of the account while the packages were being pushed. The attackers swapped the account's email address for an anonymous ProtonMail inbox and pushed the infected packages manually via the npm CLI, completely bypassing the project's GitHub Actions CI/CD pipeline and the safeguards developers tend to assume are in place.
The added package, "[email protected]," existed purely as a delivery mechanism. Its post-install script phones home, fetches a second-stage payload, and sets about dropping malware tailored to whatever it finds. On macOS it disguises itself as a system daemon, on Windows it leans on PowerShell, and on Linux it falls back to a Python backdoor. It also tries to cover its tracks, clearing out traces that might give the game away.

StepSecurity said the campaign showed a level of planning well beyond the usual smash-and-grab npm compromise. "This was not opportunistic," said Ashish Kurmi, the firm's CTO and co-founder. "The malicious dependency was staged 18 hours in advance. Three separate payloads were pre-built for three operating systems. Both release branches were hit within 39 minutes. Every trace was designed to self-destruct. This is among the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package."

The incident also comes during a rough stretch for npm. Campaigns such as "Shai-Hulud" and its follow-up, "Shai-Hulud 2.0," show attackers increasingly targeting the software supply chain itself, seeding malicious packages to siphon credentials, hijack environments, or quietly maintain persistence within developer tooling.

Developers who installed either affected version are being urged to act immediately. "If you have installed [email protected] or [email protected], assume your system is compromised," Kurmi said. In practice, that means ripping out dependencies, rotating credentials, and, for some, rebuilding machines from scratch. Given how widely axios is used, the cleanup won't be quick.
Google's Threat Intelligence Group (GTIG) on Tuesday linked the axios NPM supply chain attack to a suspected North Korean threat actor it tracks as UNC1069, and not to TeamPCP, the group behind the recent Trivy vulnerability scanner breach and subsequent compromises targeting other popular open source projects.

The axios supply-chain attack is "unrelated to the recent TeamPCP supply chain issues," GTIG chief analyst John Hultquist told The Register. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069. North Korean hackers have deep experience with supply chain attacks, which they've historically used to steal cryptocurrency. The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts."

Updated on March 31 to include Google's statement that UNC1069 is the suspected group behind the attack.