Threat Intelligence Report

One of the most popular JavaScript packages on earth Axios has been compromised

📅 March 31, 2026 📰 opensourcemalware.com 🔍 0 CVE(s) referenced

A sophisticated supply chain attack on the widely-used Axios npm package injected a malicious dependency that deploys cross-platform remote access trojans, granting attackers persistent control over developer and production systems worldwide.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle