Axios Packages Deliver Malicious RAT Payloads

On March 31, 2026, Microsoft Threat Intelligence disclosed that two malicious npm releases of Axios (1.14.1 and 0.30.4) contained an injected dependency that fetched second-stage RAT payloads from C2 infrastructure attributed to North Korean actor Sapphire Sleet. The compromises target macOS, Windows and Linux at install time; Microsoft advises rotating credentials, downgrading to 1.14.0 or 0.30.3, disabling auto-updates, and following its mitigation guidance.
Scoring Rationale
High-impact, timely incident with strong attribution from Microsoft and concrete mitigations. Scored highly for novelty, broad scope given Axios's wide usage, strong actionability and credibility; relevance reduced slightly because this is a software supply-chain security incident rather than core ML/DS research.
Sources
- Mitigating the Axios npm supply chain compromise (microsoft.com)


