Security

Axios npm Supply Chain Compromise: Mitigation Guide

2 min read

Summary

Microsoft warned that malicious Axios npm versions 1.14.1 and 0.30.4 were used in a supply chain attack attributed to Sapphire Sleet. Organizations using the affected packages should immediately rotate secrets, downgrade to safe versions, and review developer endpoints and CI/CD systems for compromise.

Audio Summary

0:00--:--
Need help with Security?Talk to an Expert

Introduction

Microsoft has disclosed a serious npm supply chain compromise affecting Axios, one of the most widely used JavaScript HTTP libraries. Because Axios is commonly installed on developer workstations and CI/CD pipelines, this incident has broad implications for software supply chain security across Windows, macOS, and Linux environments.

What happened

Two malicious Axios package versions were published on March 31, 2026:

According to Microsoft Threat Intelligence, these releases added a malicious dependency, [email protected], which executed a post-install script during npm install or package updates. The install hook contacted actor-controlled infrastructure and downloaded a second-stage remote access trojan (RAT).

Microsoft attributes the campaign to Sapphire Sleet, a North Korean state actor.

Key technical details

  • The Axios source code itself was reportedly left unchanged.
  • The malicious behavior was introduced through a dependency insertion technique.
  • Affected environments included developer endpoints and CI/CD systems.
  • Payloads were tailored by operating system:
    • Windows: PowerShell-based RAT with persistence via registry Run key
    • macOS: Native binary dropped into /Library/Caches
    • Linux/other: Platform-specific follow-on payloads
  • The malware communicated with known malicious infrastructure linked to Sapphire Sleet.

Why this matters for IT and security teams

This attack highlights how trusted open-source packages can be weaponized without obvious application changes. Even if applications appear to function normally, the compromise can still occur at install time, allowing attackers to steal secrets, establish persistence, and pivot deeper into enterprise environments.

For administrators, the biggest risks are:

  • Compromised developer credentials and tokens
  • Exposed secrets in build systems
  • Malware execution on CI/CD agents
  • Persistent footholds on managed Windows devices

Organizations that installed the affected Axios versions should act immediately:

  1. Downgrade Axios to safe versions:
    • 1.14.0
    • 0.30.3
  2. Rotate secrets and credentials that may have been exposed.
  3. Disable auto-updates for Axios packages until environments are verified clean.
  4. Inspect developer and build systems for signs of compromise, especially persistence mechanisms and suspicious script execution.
  5. Use Microsoft Defender detections and hunting guidance from Microsoft’s advisory to identify malicious components and affected hosts.

Bottom line

The Axios npm compromise is a reminder that package management and CI/CD pipelines are now primary attack surfaces. Security teams should treat affected installs as potential endpoint and credential compromises, not just a package issue.

Need help with Security?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Microsoft Threat Intelligence and Microsoft Defender Security Research Team
Axiosnpmsupply chain attackSapphire SleetMicrosoft Defender

Related Posts

Security

Autonomous AI Agents: Microsoft Defense-in-Depth

Microsoft outlines a defense-in-depth approach for securing autonomous AI agents as they move from assisting users to taking actions across systems. The guidance emphasizes that the application layer—not just the model—is the most important control point for limiting permissions, enforcing human review, and reducing blast radius in production.

Security

AI App Misconfigurations Expose Cloud Workloads

Microsoft warns that insecure AI app deployments are creating exploitable misconfigurations, especially on Kubernetes, where public exposure and weak authentication can lead to remote code execution, credential theft, and data exposure. The research highlights risks in MCP servers, Mage AI, kagent, and AutoGen Studio, and reinforces the need for hardening and continuous posture monitoring with tools like Defender for Cloud.

Security

Kazuar Botnet Analysis: Secret Blizzard’s New Tactics

Microsoft Threat Intelligence detailed how Kazuar has evolved from a traditional backdoor into a modular peer-to-peer botnet used by the Russian state actor Secret Blizzard. The report matters for defenders because the malware’s Kernel, Bridge, and Worker architecture is designed to reduce visibility, improve resilience, and support long-term espionage operations.

Security

Microsoft MDASH Security System Finds 16 Windows Flaws

Microsoft unveiled MDASH, a new multi-model agentic security system that helped identify 16 previously unknown vulnerabilities in the Windows networking and authentication stack, including four critical remote code execution flaws. The announcement matters for security teams because it shows AI-driven vulnerability discovery is moving from research into production-scale defensive operations, with strong benchmark results and a limited private preview now underway.

Security

Microsoft Defender AI Synthetic Logs for Detection Engineering

Microsoft Defender Security Research detailed a new AI-assisted approach for generating high-fidelity synthetic attack logs from attacker TTPs and actions. The research could help security teams speed up detection engineering, test more attack scenarios, and reduce reliance on costly lab simulations while protecting sensitive data.

Security

Modern DDoS Attacks: Microsoft’s Defense Guidance

Microsoft says DDoS attacks against consumer web properties are becoming more frequent, stealthier, and increasingly focused on application-layer abuse rather than simple bandwidth floods. The company recommends a defense-in-depth approach using resilient application design, edge protections, telemetry, and Azure services such as DDoS Protection and Web Application Firewall to keep services available under attack.