
Hackers Poison Axios npm Package with 100 Million Weekly Downloads


The Axios npm package was compromised in a supply chain attack, exposing developers worldwide to malware, data theft, and full system takeover risks.

Check your system for Axios npm package versions 1.14.1 and 0.30.4 and remove them immediately to prevent data theft.

Modern web development relies heavily on shared libraries, and few are as critical as Axios, a tool that manages how applications talk to servers. On 31 March 2026, this trust was broken when a supply chain attack ‘poisoned’ the library. With Axios used in roughly 80% of cloud environments and seeing 100 million (101,032,032) weekly downloads, this is one of the most impactful npm compromises on record.
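A lockfile check for the two versions named above, added here as an example (it is not code from hackread.com, Socket, or the Axios project). It covers both the flat `packages` map of lockfileVersion 2/3 and the nested `dependencies` tree of lockfileVersion 1; the function name, the sample lockfile, and the `http-alias` entry are constructed for illustration.

```javascript
// Versions named in the article as compromised.
const BAD_VERSIONS = new Set(['1.14.1', '0.30.4']);

// Returns [{ path, version }] for every axios entry pinned to a bad version.
function findCompromisedAxios(lock) {
  const hits = [];
  const check = (name, path, version) => {
    if (name === 'axios' && BAD_VERSIONS.has(version)) hits.push({ path, version });
  };
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry
    // An aliased install keeps the real package name in entry.name.
    check(entry.name || path.split('node_modules/').pop(), path, entry.version);
  }
  // lockfileVersion 1: nested "dependencies" tree. Skipped when "packages"
  // exists, because v2 lockfiles carry both views of the same tree.
  const walk = (deps, trail) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      check(name, path, entry.version);
      walk(entry.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits;
}

// Constructed sample (lockfileVersion 3), not taken from a real project.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/axios': { version: '1.14.1' },
    'node_modules/some-sdk/node_modules/axios': { version: '0.30.4' },
    'node_modules/http-alias': { name: 'axios', version: '1.0.0' },
  },
};

// CLI use: node check-axios.js path/to/package-lock.json (exit code 1 on a hit).
const lockPath = process.argv[2];
if (lockPath && lockPath.endsWith('.json')) {
  import('node:fs').then((fs) => {
    const hits = findCompromisedAxios(JSON.parse(fs.readFileSync(lockPath, 'utf8')));
    hits.forEach((h) => console.log(`axios@${h.version} at ${h.path}`));
    process.exitCode = hits.length ? 1 : 0;
  });
}
```

A clean result only shows what the lockfile pins now; it does not show whether an affected version was installed earlier.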

A Rapid-Fire Account Takeover

The breach began when a threat actor hijacked the GitHub and npm accounts of lead maintainer Jason Saayman. According to research by Socket and OpenSourceMalware, this allowed the attacker to bypass standard security ...


Copyright of this story solely belongs to hackread.com.