Rosa Del Mar

Daily Brief

Issue 90 2026-03-31

Incident Scope And Impacted Releases

Sources: 1 • Confidence: High • Updated: 2026-04-12 10:22

Key takeaways

  • Axios versions 1.14.1 and 0.30.4 added a new dependency named plain-crypto-js.
  • If Axios adopted npm trusted publishing, only its GitHub Actions workflows would be able to publish releases to npm.
  • The malware packages were published to npm without an accompanying GitHub release.
  • The plain-crypto-js package was newly published malware that stole credentials and installed a remote access trojan.
  • Axios (an npm HTTP client) was targeted by a supply-chain attack.

Sections

Incident Scope And Impacted Releases

  • Axios versions 1.14.1 and 0.30.4 added a new dependency named plain-crypto-js.
  • The plain-crypto-js package was newly published malware that stole credentials and installed a remote access trojan.
  • Axios (an npm HTTP client) was targeted by a supply-chain attack.

Publishing-Path Failure Mode And Preventative Control

  • If Axios adopted npm trusted publishing, only its GitHub Actions workflows would be able to publish releases to npm.
  • The unauthorized publishing of the malicious Axios versions likely involved a leaked long-lived npm token.

Release-Anomaly Detection Heuristic Across Incidents

  • The malware packages were published to npm without an accompanying GitHub release.
  • A similar pattern of npm publication without a matching GitHub release was observed in the LiteLLM incident the prior week.
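The two observations this brief rests on (a patch release that pulls in a previously unseen dependency, and an npm publish with no matching GitHub release) can be turned into mechanical checks. The script below is an added example written for this brief; it is not code from the brief, from Axios, or from npm, and every input in it is constructed sample data for a hypothetical package. In practice the version list would come from the npm registry document for the package and the tag list from the repository's GitHub releases, and the two manifests would be the package.json of the previous and the newly published version.

```javascript
// Added example: release-integrity checks built from the two observations in
// this brief (a new dependency appearing in a release, and an npm publish with
// no matching GitHub release). Not code from the brief, Axios, or npm.
// All data below is constructed sample input.

// Normalize a git tag such as "v1.14.1" to the bare version string "1.14.1".
function tagToVersion(tag) {
  return tag.replace(/^v/i, '');
}

// Heuristic from the brief: versions present on npm that have no matching
// GitHub release tag. Returns those versions, preserving registry order.
function findUnreleasedPublishes(npmVersions, githubReleaseTags) {
  const released = new Set(githubReleaseTags.map(tagToVersion));
  return npmVersions.filter((version) => !released.has(version));
}

// Dependencies present in the newer manifest but absent from the older one.
// A previously unseen dependency in a patch release warrants review.
function findNewDependencies(previousManifest, latestManifest) {
  const known = new Set(Object.keys(previousManifest.dependencies || {}));
  return Object.keys(latestManifest.dependencies || {}).filter((name) => !known.has(name));
}

// Run both checks and return a single report object.
function auditRelease({ npmVersions, githubReleaseTags, previousManifest, latestManifest }) {
  const unreleasedVersions = findUnreleasedPublishes(npmVersions, githubReleaseTags);
  const newDependencies = findNewDependencies(previousManifest, latestManifest);
  return {
    unreleasedVersions,
    newDependencies,
    suspicious: unreleasedVersions.length > 0 || newDependencies.length > 0,
  };
}

// Constructed sample input: a hypothetical package whose version numbers mirror
// the pattern in the brief; the dependency entries are made up for illustration.
const SAMPLE_INPUT = {
  npmVersions: ['1.13.0', '1.14.0', '1.14.1'],
  githubReleaseTags: ['v1.13.0', 'v1.14.0'],
  previousManifest: {
    name: 'example-http-client',
    version: '1.14.0',
    dependencies: { 'follow-redirects': '^1.15.0' },
  },
  latestManifest: {
    name: 'example-http-client',
    version: '1.14.1',
    dependencies: { 'follow-redirects': '^1.15.0', 'plain-crypto-js': '^1.0.0' },
  },
};

const report = auditRelease(SAMPLE_INPUT);
console.log(JSON.stringify(report, null, 2));
// unreleasedVersions: ["1.14.1"], newDependencies: ["plain-crypto-js"], suspicious: true
```

Either check alone produces noise: some maintainers never cut GitHub releases, and new dependencies are added legitimately. The brief's last open question (how often benign publishes lack a GitHub release) is exactly the base rate a team would need to measure before treating `suspicious: true` as an alert rather than a review prompt, and the combination of both signals in one patch release is a stronger indicator than either by itself.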

Unknowns

  • What is the confirmed root cause of the unauthorized publishing (e.g., which credential was used, from where, and when)?
  • What is the distribution and real-world impact of the malicious Axios versions (e.g., how widely installed, in what environments, and for how long)?
  • What are the concrete indicators of compromise for plain-crypto-js (execution traces, persistence methods, outbound destinations, and timing)?
  • Did Axios already use npm trusted publishing at the time, and if not, what part of the release process allowed direct token-based publishing?
  • How often do npm publishes lack matching GitHub releases in benign cases, and how predictive is this anomaly for compromise?

Investor overlay

Read-throughs

  • If malicious Axios versions spread, enterprises may increase scrutiny of npm supply-chain controls, benefiting vendors offering dependency monitoring and release integrity checks
  • Anomaly detection based on npm publishes without matching GitHub releases could see increased adoption, implying higher demand for tooling that correlates registry activity with upstream release artifacts
  • The incident could accelerate adoption of npm trusted publishing, shifting organizations toward workflow-based release authorization and away from long-lived, token-based publishing

What would confirm

  • Independent confirmation of the root cause of unauthorized publishing, such as evidence of compromised npm token versus workflow compromise
  • Measured distribution and impact of the malicious Axios versions, including install counts, affected environments, and duration of exposure
  • Action by Axios maintainers or npm ecosystem toward adopting or recommending trusted publishing and stronger release provenance checks

What would kill

  • Evidence shows minimal real-world installation of the affected Axios versions and no observed credential theft or remote access trojan execution
  • Root cause indicates a contained process mistake rather than credential compromise, reducing expectation of broader supply-chain control shifts
  • Analysis finds npm publishes without GitHub releases are common in benign cases, weakening the anomaly heuristic as a reliable monitoring signal

Sources