Hackers Expose Vulnerabilities in Software Supply Chains

The compromise of Axios, a Node Package Manager (NPM) package with more than 100 million weekly downloads, represents a watershed moment for organisations evaluating their software supply chain risk exposure.
The incident, attributed by Google Threat Intelligence Group (GTIG) to North Korea-nexus threat actor UNC1069, demonstrates how a single point of failure in the dependency chain can create enterprise-wide security exposure across multiple operating environments.
Unlike isolated breaches that affect individual organisations, supply chain compromises cascade through interconnected development ecosystems.
When attackers successfully inject malicious code into widely-adopted open-source components, they gain potential access to every downstream system that relies on that dependency.
In the case of Axios, the attack surface extends across hundreds of thousands of development environments, production systems and enterprise applications that incorporate the package for handling HTTP requests.
UNC1069, also tracked as CryptoCore or MASAN, is a financially motivated, state-sponsored threat actor linked to North Korea that has operated since at least 2018. The group's latest campaign targeted a critical node in the software supply chain: a trusted open-source dependency embedded in countless enterprise applications.
Organisations that installed the compromised NPM package received a remote access trojan (RAT) capable of conducting reconnaissance, executing remote commands and exfiltrating data. According to researchers, this sophisticated attack remained active.
Rafe Pilling, Director of Threat Intelligence at Sophos, says on his LinkedIn: "If you use Axios hopefully you're already on top of this. Analysis is ongoing but initial malware and infrastructure overlaps point to a North Korean threat group being behind this attack."
Anatomy of supply chain infiltration
The attack vector demonstrates how supply chain compromises exploit trust relationships within development workflows. On 31 March 2026, a file named "plain-crypto-js" appeared in Axios NPM releases versions 1.14.1 and 0.30.4. This malicious file functioned as a dropper, deploying a backdoor called WAVESHAPER.V2 across Windows, macOS and Linux environments.
The insertion occurred following a compromise of a maintainer account associated with Axios. This attack pattern highlights a critical vulnerability: the dependence on individual account credentials as single points of failure for widely distributed software components.
Once organisations installed the compromised package, setup.js, a JavaScript dropper, executed automatically in the background. The plain-crypto-js file served as a payload delivery mechanism, with capabilities to inspect target operating systems and deliver platform-specific malware. The script employed custom XOR and Base64-based string obfuscation to evade detection within enterprise security monitoring systems.
Following payload delivery, setup.js attempted to delete itself and obscure forensic evidence, complicating incident response efforts for affected organisations.
Cascading risks across dependency networks
The strategic implications extend beyond the immediate compromise. Austin Larsen, Principal Threat Analyst at Google Threat Intelligence Group, warns: "The impact of this attack is broad and has significant ripple effects, as countless other popular packages rely on axios as a dependency."
This observation underscores a fundamental challenge in modern software supply chain management: transitive dependencies create exponential risk exposure. Organisations may not directly incorporate Axios into their applications, yet remain vulnerable through second-order or third-order dependencies that do utilise the package.
Austin adds: "UNC1069 isn't the only threat actor that has launched successful open-source supply chain attacks in recent weeks. Other groups, such as TeamPCP (UNC6780), have recently poisoned GitHub Actions and PyPI packages associated with projects like Trivy, Checkmarx and LiteLLM to deploy the SANDCLOCK credential stealer and facilitate follow-on extortion operations."
The concentration of multiple supply chain attacks within a compressed timeframe could signal a strategic shift among threat actors towards dependency exploitation as a preferred attack vector. This pattern suggests organisations should anticipate sustained pressure on open-source supply chain infrastructure.
Strategic implications for enterprise resilience
According to security experts, the implications could extend considerably beyond immediate system compromises. Credentials harvested through supply chain attacks may circulate within threat actor networks, enabling subsequent intrusions across cloud platforms and enterprise environments.
Austin notes: "2026 is quickly shaping up to be the year of the supply chain. Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks. Over the near term, these compromised credentials could enable further software supply chain attacks, software-as-a-service (SaaS) environment compromises (leading to downstream customer breaches), ransomware and extortion events and cryptocurrency theft."
This evolving threat landscape illustrates how interconnected modern software development ecosystems have become. A single compromised component can trigger cascading security failures across organisational boundaries, affecting vendors, customers and partners within interconnected supply networks.
Organisations managing complex software supply chains face mounting pressure to implement comprehensive dependency risk assessment frameworks. This includes establishing continuous monitoring capabilities for transitive dependencies, implementing automated vulnerability detection across the entire dependency tree and developing rapid response protocols for supply chain security incidents.
Austin emphasises the importance of swift organisational action: "Defenders should pay close attention to these campaigns and enterprises should initiate dedicated efforts to assess the existing impact, remediate compromised systems and harden environments against future attacks."
As supply chain threats continue escalating in both frequency and sophistication, organisations must fundamentally reconsider their approach to dependency management and software composition analysis. Greater visibility into transitive dependencies, stronger access controls around package management infrastructure and continuous monitoring of supply chain integrity will prove essential capabilities for organisations seeking to build resilient software supply chains in a hostile threat environment.