Axios Gets 100 Million Downloads a Week. Today, Two Came With a Trojan.

Axios has approximately 100 million downloads a week. But today, two of those downloads came with a remote access trojan. The Hijack An unauthorized party gained access to the npm account of Axios'...

By · · 1 min read
Axios Gets 100 Million Downloads a Week. Today, Two Came With a Trojan.

Source: DEV Community

Axios has approximately 100 million downloads a week. But today, two of those downloads came with a remote access trojan. The Hijack An unauthorized party gained access to the npm account of Axios's lead maintainer, jasonsaayman, and changed the registered email address. The attacker then published two backdoored versions of Axios: 1.14.1 and 0.30.4. The Payload Instead of including the payload directly, the attacker packaged it within a dependency called plain-crypto-js. This dependency contained nothing useful — only a postinstallation script that executed a silent dropper on the weaponized releases of Axios to download the RAT. The attacker created an innocuous version of plain-crypto-js 18 hours before the attack started and published it to npm before the Axios releases were pushed. This was done to introduce the dependency to the registry. About an hour before the Axios releases, the attacker uploaded a new version of the dependency with the payload. The RAT The RAT reported to it

Related Posts

Trending on ShareHub

  1. Understanding Modern JavaScript Frameworks in 2026
    by Alex Chen · Feb 12, 2026 · 0 likes
  2. The System Design Primer
    by Sarah Kim · Feb 12, 2026 · 0 likes
  3. Just shipped my first open-source project!
    by Alex Chen · Feb 12, 2026 · 0 likes
  4. OpenAI Blog
    by Sarah Kim · Feb 12, 2026 · 0 likes
  5. Building Accessible Web Applications: A Practical Guide
    by Alex Chen · Feb 12, 2026 · 0 likes
  6. Rapper Lil Poppa dead at 25, days after releasing new music
    Rapper Lil Poppa dead at 25, days after releasing new music
    by Anonymous User · Feb 19, 2026 · 0 likes
  7. write-for-us
    by Volt Raven · Mar 7, 2026 · 0 likes
  8. Before the Coffee Gets Cold: Heartfelt Story of Time Travel and Second Chances
    Before the Coffee Gets Cold: Heartfelt Story of Time Travel and Second Chances
    by Anonymous User · Feb 12, 2026 · 0 likes
    #coffee gets cold #the #time travel
  9. Best DoorDash Promo Code Reddit Finds for Top Discounts
    Best DoorDash Promo Code Reddit Finds for Top Discounts
    by Anonymous User · Feb 12, 2026 · 0 likes
    #doordash #promo #reddit
  10. Premium SEO Services That Boost Rankings & Revenue | VirtualSEO.Expert
    by Anonymous User · Feb 12, 2026 · 0 likes
  11. NBC under fire for commentary about Team USA women's hockey team
    NBC under fire for commentary about Team USA women's hockey team
    by Anonymous User · Feb 18, 2026 · 0 likes
  12. Where to Watch The Nanny: Streaming and Online Viewing Options
    Where to Watch The Nanny: Streaming and Online Viewing Options
    by Anonymous User · Feb 12, 2026 · 0 likes
    #streaming #the nanny #where
  13. How Much Is Kindle Unlimited? Subscription Cost and Plan Details
    How Much Is Kindle Unlimited? Subscription Cost and Plan Details
    by Anonymous User · Feb 12, 2026 · 0 likes
    #kindle unlimited #subscription #unlimited
  14. Russian skater facing backlash for comment about Amber Glenn
    Russian skater facing backlash for comment about Amber Glenn
    by Anonymous User · Feb 18, 2026 · 0 likes
  15. Google News
    Google News
    by Anonymous User · Feb 18, 2026 · 0 likes

Latest on ShareHub

Browse Topics

#ai (2515)#news (1765)#webdev (1252)#programming (851)#business (794)#/business (639)#productivity (631)#investing (610)#opensource (565)#sa transcripts (538)

Around the Network