
Daily Tech News Show: Popular JavaScript Package Axios Gets Compromised - DTNS 5237
Mar 31, 2026
A supply-chain attack on the popular Axios JavaScript package and how the malicious versions install a remote access Trojan. A source-map leak that exposed Anthropic Claude Code internals and its potential fallout. Samsung's novel motion-sickness app that uses ultra-low frequencies, plus its new Tab S11 hardware and health features. Meta's refreshed prescription-friendly Ray-Ban frames and AI updates.
Episode notes
Axios NPM Supply Chain Compromise
- A supply-chain attack compromised the Axios NPM maintainer account and pushed malicious Axios 1.14 and 0.30 releases that installed a remote-access Trojan on macOS, Windows, and Linux.
- The Trojan ran a post-install script, executed commands, persisted across reboots, and then replaced the modified package with a clean file to avoid detection.
Axios Ubiquity Makes It An Attractive Target
- Axios is a ubiquitous HTTP client used in browsers and Node.js servers, downloaded about 100 million times per week, making it a high-value target for supply-chain attacks.
- Because it is bundled into many apps on both the front end and the back end, even a short-lived malicious release can reach a large number of projects and machines.
Disguised Dependency And Post Install Cleanup
- The malicious dependency was disguised as a legitimate cryptography library and was never imported anywhere in the Axios source code, so static scans of the code would not reveal it.
- Post-install scripts delivered the backdoor and later cleaned traces by replacing modified files with clean ones.
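The two traits described above (a lifecycle install script, and a declared dependency that the package's own code never imports) can be checked for mechanically before a package is trusted. The following Node.js script is an added defender-side example, not code from the episode or from the Axios project; all package and dependency names in it are constructed.

```javascript
// Added example, not from the DTNS episode: a heuristic audit of an npm package's
// manifest and source that flags install-time hooks and never-imported dependencies.
// Package and dependency names below are constructed, not real.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Lifecycle hooks that run arbitrary commands during `npm install`.
function findInstallScripts(pkg) {
  const scripts = pkg.scripts || {};
  return INSTALL_HOOKS.filter((h) => h in scripts).map((h) => ({ hook: h, cmd: scripts[h] }));
}

// Reduce an import specifier to its package name: "@s/n/x" -> "@s/n", "a/b" -> "a".
function packageName(spec) {
  const parts = spec.split("/");
  return spec.startsWith("@") ? parts.slice(0, 2).join("/") : parts[0];
}

// Collect bare (non-relative) module names referenced via require()/import.
function importedModules(sources) {
  const re = /(?:require\(\s*|from\s+|import\s+)['"]([^'"./][^'"]*)['"]/g;
  const used = new Set();
  for (const src of Object.values(sources)) {
    for (const m of src.matchAll(re)) used.add(packageName(m[1]));
  }
  return used;
}

// Declared runtime dependencies that the package's own code never imports.
function unusedDependencies(pkg, sources) {
  const used = importedModules(sources);
  return Object.keys(pkg.dependencies || {}).filter((d) => !used.has(d));
}

// Combine both signals; either one alone is worth a closer look.
function auditPackage(pkg, sources) {
  const installScripts = findInstallScripts(pkg);
  const unused = unusedDependencies(pkg, sources);
  return { installScripts, unused, suspicious: installScripts.length > 0 || unused.length > 0 };
}

// Constructed sample mimicking the pattern: a "cryptography" dependency that the
// source never imports, pulled in only by a postinstall hook.
const SAMPLE_PKG = {
  name: "http-client-sample", version: "1.0.0",
  dependencies: { "follow-redirects-sample": "^1.0.0", "crypto-helper-sample": "^2.1.0" },
  scripts: { postinstall: "node node_modules/crypto-helper-sample/setup.js", test: "mocha" },
};
const SAMPLE_SOURCES = {
  "lib/index.js": "const follow = require('follow-redirects-sample');\nmodule.exports = follow;",
};

console.log(JSON.stringify(auditPackage(SAMPLE_PKG, SAMPLE_SOURCES), null, 2));
```

The regex only catches static `require`/`import` forms, so a dependency loaded dynamically will show up as unused and needs manual review; installing with `npm install --ignore-scripts` prevents the flagged hooks from running while that review happens.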
