Suspected North Korean operatives compromised the widely used Axios JavaScript library on 31 March 2026 by socially engineering its maintainer over several weeks, publishing two malicious npm packages that may have infected thousands of downstream systems before being pulled three hours later.
A sophisticated supply chain attack attributed to North Korean state-sponsored hackers briefly compromised Axios — one of the most widely used open-source JavaScript libraries on the web — in what security researchers are calling one of the most audacious software supply chain operations of 2026. The two malicious packages were live on the npm registry for approximately three hours on 31 March before being detected and pulled, but the window may have been sufficient to infect thousands of downstream systems.
Axios is a promise-based HTTP client used by millions of developers and embedded in countless web applications, enterprise backends, and mobile platforms. It records more than 45 million weekly downloads on npm. The scope of potential exposure has made the incident a priority for corporate security teams and national cybersecurity agencies worldwide.
Google's Threat Analysis Group and blockchain forensics firms including Elliptic have linked the operation to a North Korean hacking cluster tracked as UNC4736, the same group implicated in the $285 million Drift Protocol exploit disclosed the same day. The timing has raised questions about whether the two incidents were part of a coordinated campaign targeting both the crypto industry's financial infrastructure and its software supply chain simultaneously.
Anatomy of the Attack
The compromise did not rely on a zero-day vulnerability or a flaw in npm's infrastructure. Instead, it exploited the human layer — specifically, the trust relationships that underpin open-source software maintenance. According to a detailed account published by Axios maintainer Matt Saayman, the attackers spent weeks cultivating a relationship with him before attempting the compromise.
The operation began with an approach from individuals posing as employees of a legitimate-looking technology company. They created a realistic Slack workspace, populated it with fake employee profiles, and invited Saayman to collaborate on what appeared to be a genuine integration project. The social engineering culminated in a web meeting invitation that prompted Saayman to download what was presented as a software update required to access the call.
The downloaded file contained malware that gave the attackers access to Saayman's npm publishing credentials. Using those credentials, they published two modified versions of the Axios package that included an obfuscated payload designed to exfiltrate environment variables, API keys, and cryptocurrency wallet credentials from infected systems.
Saayman detected the unauthorised publications within hours and worked with npm to remove the malicious packages. The npm security team subsequently revoked the compromised tokens and issued an advisory urging developers to audit their dependency trees.
Scale of Exposure Remains Uncertain
The full breadth of the compromise is not yet clear. npm download statistics suggest the malicious packages were downloaded several thousand times during the three-hour window, but automated build systems, continuous integration pipelines, and Docker image rebuilds may have amplified the reach significantly. Security firm Socket, which specialises in open-source supply chain analysis, estimated that between 8,000 and 15,000 unique installations may have occurred, though many of those could represent CI/CD bots rather than production deployments.
The U.S. Cybersecurity and Infrastructure Security Agency issued an alert on 2 April urging organisations that use Axios to verify their installed versions and check for indicators of compromise published by Google TAG. The United Kingdom's National Cyber Security Centre echoed the advisory, noting that the attack was consistent with a broader pattern of North Korean operations targeting open-source software ecosystems.
Corporate security teams at several major technology firms — including two Fortune 100 companies — have initiated internal audits to determine whether the malicious packages entered their build pipelines, according to people familiar with the matter who spoke on condition of anonymity.
A Growing Pattern of North Korean Supply Chain Warfare
The Axios incident is the latest in an escalating series of North Korean operations targeting the open-source software supply chain. In 2024, the same threat cluster was linked to attempts to compromise the XZ Utils compression library — an attack that was narrowly averted by a vigilant maintainer. Earlier operations targeted the event-stream and ua-parser-js npm packages, compromising millions of downstream users.
North Korean cyber operations have stolen at least $2 billion in cryptocurrency in 2025 alone, according to estimates from TRM Labs and Chainalysis. The Drift Protocol hack, disclosed on the same day as the Axios compromise, accounted for $285 million of that total. Researchers at Google TAG noted that North Korean hackers increasingly view open-source supply chain attacks as a force multiplier — a single successful compromise can provide access to thousands of organisations simultaneously.
CNN reported that North Korean IT workers have also infiltrated legitimate technology companies by posing as remote employees, using the access to exfiltrate proprietary code and, in some cases, redirect cryptocurrency payments. The FBI issued a warning in March 2026 specifically about North Korean operatives targeting DeFi developers through fake job offers and collaboration invitations — a tactic mirrored in the Axios attack.
Implications for Open-Source Security
The incident has reignited debate about the fragility of open-source software supply chains, where critical infrastructure often depends on a small number of volunteer maintainers. Axios, despite its ubiquity, is maintained primarily by Saayman and a handful of contributors. The asymmetry between the library's importance and the resources available to secure it is a structural vulnerability that state-sponsored actors are increasingly exploiting.
The Open Source Security Foundation has called for mandatory multi-party signing for packages above a threshold of weekly downloads, a measure that would have prevented the Axios compromise. GitHub, which owns npm, has begun piloting provenance attestations for published packages — cryptographic proofs that link a package to a specific source repository commit — but adoption remains voluntary.
For the cryptocurrency industry, which relies heavily on open-source tooling, the Axios attack underscores a risk that extends well beyond smart contract vulnerabilities and oracle manipulation. As North Korean operations grow more sophisticated — combining social engineering, supply chain compromise, and DeFi exploits into coordinated campaigns — the attack surface for the entire ecosystem continues to expand. Security analysts expect further incidents of this nature in the months ahead, warning that the open-source dependency chains underpinning most crypto infrastructure remain insufficiently hardened against state-level threat actors.