Date: March 31, 2026
Severity: Critical
Affected Packages: axios@1.14.1 and axios@0.30.4
Malicious Dependency: plain-crypto-js@4.2.1
Safe Versions: axios@1.14.0 (1.x) | axios@0.29.0 (0.x)
Axios is one of the most widely used JavaScript HTTP libraries, with over 100 million weekly downloads. On March 31, 2026, an attacker gained access to the npm account of the primary Axios maintainer and published two poisoned versions of the package.
The attacker did not touch any Axios source code. Instead, they added a fake dependency called plain-crypto-js@4.2.1 that runs automatically during npm install. That script silently connects to an attacker-controlled server at sfrclak.com:8000, downloads malware suited to your operating system, runs it, and then deletes itself to avoid detection. The malware gives the attacker full remote access to the machine.
Any environment that ran npm install between 01:00 and 03:29 UTC on March 31, 2026 — without a pinned lockfile — may have been compromised.
- StepSecurity (initial discovery): https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
- Socket Security (technical analysis): https://socket.dev/blog/axios-npm-package-compromised
- Snyk (remediation guidance): https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/
- Wiz (cloud environment impact): https://www.wiz.io/blog/axios-npm-compromised-in-supply-chain-attack
- Vercel (platform response): https://vercel.com/changelog/axios-package-compromise-and-remediation-steps
- The Hacker News (overview): https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html
Advisory IDs: GHSA-fw8c-xr5c-95f9 | MAL-2026-2306
You may be affected if any of these are true:
- You ran `npm install` after March 30, 2026 without a committed lockfile
- Your `package.json` uses a loose version range like `^1.14.0` or `^0.30.0`
- Your CI/CD pipeline does not use `npm ci`
Run the one-liners below for your platform to check your system.
Each check prints results if something is found, or nothing if you are clear. The lockfile checks match bare version strings, so a hit can also come from an unrelated package at 1.14.1 or 0.30.4; confirm a hit with `npm ls axios` in the flagged project.
Linux:

Check for compromised axios versions in lockfiles:

```sh
find / -name "package-lock.json" -not -path "*/proc/*" -not -path "*/sys/*" -print0 2>/dev/null | xargs -0 grep -l "1\.14\.1\|0\.30\.4" 2>/dev/null
```

Check for the malicious package on disk:

```sh
find / -type d -name "plain-crypto-js" -path "*/node_modules/*" -not -path "*/proc/*" -not -path "*/sys/*" 2>/dev/null
```

Check for an active connection to the attacker's server (falls back to netstat where ss is unavailable):

```sh
ss -tnp | grep ":8000" || netstat -tnp 2>/dev/null | grep ":8000"
```

Check logs for contact with the attacker's domain:

```sh
journalctl --since "2026-03-30" 2>/dev/null | grep -i "sfrclak"; grep -r "sfrclak" /var/log/ 2>/dev/null
```

Windows (PowerShell):

Check for compromised axios versions in lockfiles:

```powershell
Get-ChildItem -Path $env:USERPROFILE -Filter "package-lock.json" -Recurse -Force -ErrorAction SilentlyContinue | Select-String -Pattern "1\.14\.1|0\.30\.4" | Select-Object -ExpandProperty Path -Unique
```

Check for the malicious package on disk:

```powershell
Get-ChildItem -Path $env:USERPROFILE -Directory -Filter "plain-crypto-js" -Recurse -Force -ErrorAction SilentlyContinue | Where-Object { $_.FullName -like "*node_modules*" } | Select-Object FullName
```

Check for an active connection to the attacker's server:

```powershell
Get-NetTCPConnection -RemotePort 8000 -ErrorAction SilentlyContinue | Format-Table LocalAddress, RemoteAddress, State -AutoSize
```

Check DNS cache and hosts file for the attacker's domain:

```powershell
Get-DnsClientCache | Where-Object { $_.Entry -like "*sfrclak*" }; Select-String -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Pattern "sfrclak" -ErrorAction SilentlyContinue
```

macOS:

Check for compromised axios versions in lockfiles:

```sh
find /Users /opt /usr/local /tmp -name "package-lock.json" -print0 2>/dev/null | xargs -0 grep -l "1\.14\.1\|0\.30\.4" 2>/dev/null
```

Check for the malicious package on disk:

```sh
find /Users /opt /usr/local /tmp -type d -name "plain-crypto-js" -path "*/node_modules/*" 2>/dev/null
```

Check for an active connection to the attacker's server:

```sh
lsof -i TCP:8000 2>/dev/null
```

Check logs and DNS cache for the attacker's domain:

```sh
log show --last 48h 2>/dev/null | grep -i "sfrclak"; dscacheutil -cachedump -entries Host 2>/dev/null | grep -i "sfrclak"
```

Check for malware persistence via LaunchAgents:

```sh
grep -rl "plain-crypto" ~/Library/LaunchAgents /Library/LaunchAgents /Library/LaunchDaemons 2>/dev/null
```

Treat the machine as fully compromised. The malware deletes itself after running, so a clean result does not guarantee safety if you installed axios during the affected window.
Step 1 — Rotate all credentials immediately.
Assume everything on the machine has been stolen: AWS/GCP/Azure keys, GitHub and npm tokens, database passwords, .env files, SSH keys, and anything else sensitive.
Step 2 — Remove the compromised packages.
```sh
npm uninstall axios
npm install axios@1.14.0   # 1.x users
npm install axios@0.29.0   # 0.x users
rm -rf node_modules/plain-crypto-js
```

Step 3 — Commit a clean lockfile.
```sh
npm ci
git add package-lock.json
git commit -m "chore: pin axios to safe version, remove plain-crypto-js"
```

Step 4 — Block the attacker's domain at your firewall or DNS level.
sfrclak.com
Step 5 — Review CI/CD logs from March 30–31, 2026 for any pipeline that ran npm install (not npm ci) without a locked version of axios.
Step 6 — Prevent this class of attack going forward.
```sh
npm ci --ignore-scripts
```

Using `--ignore-scripts` disables install lifecycle scripts (preinstall, install, postinstall) for every package, which is the mechanism the malicious dependency relied on. This single flag would have blocked this attack completely. It can be made the default with `ignore-scripts=true` in `.npmrc`; packages that legitimately need a build step then have to be handled explicitly.
| Item | Detail |
|---|---|
| Affected versions | axios@1.14.1, axios@0.30.4 |
| Malicious dependency | plain-crypto-js@4.2.1 |
| Attacker C2 server | sfrclak.com:8000 |
| Safe 1.x version | axios@1.14.0 |
| Safe 0.x version | axios@0.29.0 |
| Malicious window | 2026-03-31 01:00 UTC to 03:29 UTC |
| Advisory IDs | GHSA-fw8c-xr5c-95f9 / MAL-2026-2306 |