Inside the Axios supply chain compromise - one RAT to rule them all

216.73.216.6

Inside the Axios supply chain compromise - one RAT to rule them all

· Published 01/04/2026 13:22 · Modified 01/04/2026 19:28

Essential information

Published: 01/04/2026 13:22
Modified: 01/04/2026 19:28
Tags: 2026-04-01 axios javascript npm package compromise supply chain attack
Related entities: 3 observables, 3 techniques (mitre), 1 others

Description

Elastic Security Labs identified a supply chain compromise of the axios npm package, one of the most depended-upon packages in the JavaScript ecosystem with approximately 100 million weekly downloads. The attacker compromised a maintainer account and published backdoored versions that delivered a cross-platform Remote Access Trojan to macOS, Windows, and Linux systems through a malicious postinstall hook.

External references

https://www.elastic.co/security-labs/axios-one-rat-to-rule-them-all
https://otx.alienvault.com/pulse/69cd1c2e48c8aeef1f743d7f

Inside the Axios supply chain compromise - one RAT to rule them all

Essential information

Description

Related entities

Observables (3)

Techniques (MITRE) (3)

Others (1)

External references