Attackers Compromised Axios, NPM Package With Over 100M Weekly Downloads, Rotate Your Keys Now
Breaking News: Axios versions 0.30.4 and 1.14.1 were compromised in a supply chain attack; both pull in a malicious package, plain-crypto-js version 4.2.1.
If you recently installed one of these Axios versions (rather than a pinned older version), uninstall it immediately and rotate your keys and credentials.
Originally reported by Socket.
Affected Packages
| Package name    | Affected versions |
|-----------------|-------------------|
| axios           | 0.30.4, 1.14.1    |
| plain-crypto-js | 4.2.1             |
Overview
Axios was compromised in a supply chain attack. To avoid detection, the attackers added a malicious dependency (plain-crypto-js) to Axios, pinned to a version (4.2.1) that had not yet been published. Scanners that tried to install the tampered Axios therefore saw nothing suspicious; the malicious behavior only became observable once the malicious version of plain-crypto-js was uploaded.
This attack targets Windows, macOS and Linux, installing a RAT (Remote Access Trojan) which lets the …