The Axios Attack. And What It Reveals About the Full Threat Landscape.
A Noor28 — Noor Secure Case Study
Noor28.com · 4 min read
On March 31, 2026, someone turned Axios into a weapon.
Not through a zero-day. Not through a vulnerability buried in the codebase. Through a stolen password and a fake package. Within 39 minutes, both major release branches of one of JavaScript’s most trusted libraries were quietly serving malware to anyone who installed them.
Axios runs inside everything. Frontend frameworks. Backend services. Enterprise infrastructure. 83 million installs a week. That’s not a library. That’s a critical dependency for half the internet.
What Actually Happened
The attacker was patient. Eighteen hours before the hit, they published a clean package to npm, “plain-crypto-js”, doing nothing, raising no flags, just sitting there looking legitimate. Then they used compromised credentials belonging to Axios’s primary maintainer to push two new versions of Axios in rapid succession. Each one quietly pulled in the poisoned package as a runtime dependency.
The payload was a cross-platform RAT dropper. On macOS it fetched a trojan binary from a remote C2 server and launched it silently. On Windows it impersonated Windows Terminal and ran a PowerShell RAT. On Linux it executed a Python script via shell. Then it deleted itself. Replaced its own package manifest with a clean version, specifically engineered to pass forensic inspection.
They also changed the compromised account’s registered email to a Proton Mail address, locking out the legitimate maintainer entirely.
This wasn’t opportunistic. Someone planned it, staged it, and built the cleanup into the attack itself.
This Wasn’t a Website Attack
This is the part that matters for understanding where Noor Secure fits and where it doesn’t.
The Axios attack had no end-user component. It wasn’t designed to tamper with what gets served in a browser or drain a wallet at checkout. The target was the toolchain itself. Developer machines. Build servers. CI/CD pipelines. Internal repositories. Deployment credentials. The attack landed the moment an engineer ran npm install, deep inside the organisation’s infrastructure, long before anything reached a user.
That’s a different class of threat. And we’ll be direct about it: Noor Secure’s current detection layer sits between the served application and the end user. For the Axios attack specifically, that layer was never reached because that was never the point.
What Noor would have caught is any downstream consequence if a compromised build had been deployed to a monitored application and began serving tampered code to users. The fingerprint baseline would have flagged the drift. The on-chain record would have preserved evidence the attacker couldn’t erase. But catching the upstream infection at the pipeline level is a problem we haven’t solved yet.
We think that’s worth saying plainly.
Where Noor Does Cover This. The Ledger Connect Kit Attack.
December 2023. A malicious version of the Ledger Connect Kit library was published to npm via a compromised account. Within hours it was serving a wallet drainer to every dApp that had integrated it, injecting malicious code directly into the interfaces users trusted to sign transactions. Over $600,000 was drained before the library was pulled.
This is the attack architecture Noor Secure was built for.
Every dApp running a registered Versioned Fingerprint Package would have had a cryptographic baseline of exactly what scripts should be present. The moment the compromised Connect Kit version changed what was being served to users, 17,000 independent nodes would have detected the drift. Not in the next scheduled scan. In near real-time, before most users had a chance to connect their wallets.
The on-chain audit trail matters here too. The attacker’s window relies on the gap between compromise and detection. An immutable record of what was actually running, timestamped and independently verified, closes that window and preserves forensic evidence that can’t be cleaned up after the fact.
The Ledger attack followed the same supply chain architecture as Axios. Compromised credentials, poisoned npm package, rapid propagation. The difference is where the payload landed. One went after developers. One went after users. Noor is built for the latter.
The Gap We’re Working On
Supply chain attacks that target pipelines and developer infrastructure, without ever touching an end user, represent a real and growing threat. The Axios attack is a clear example. So is any attack that compromises build tooling, injects malicious code into server-side processes, or uses a poisoned dependency to pivot into internal systems.
Extending Verifier Node coverage to monitor what enters a build pipeline, not just what gets served out of one, is on our roadmap. The same principles apply: a registered baseline, continuous comparison against what’s actually running, and an immutable record of any deviation. The architecture translates. The implementation is a harder problem.
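As an added illustration of what a pipeline-side baseline check could look like (this is example code, not Noor Secure’s roadmap implementation), the block below audits a candidate package manifest against the last registered trusted manifest before anything is installed. It flags runtime dependencies that are new, especially in a patch release where no new dependency is expected, and dependencies whose package first appeared on the registry only hours earlier, which is the staging pattern described above for plain-crypto-js. The package name example-lib, the dependency http-helper, all version numbers, timestamps and the registry creation-time map are constructed for this example; a real check would read creation times from the registry’s package metadata.

```javascript
// Added example, not Noor Secure's code: a pipeline-side baseline check run on
// a package manifest before install. Names other than plain-crypto-js (which
// the case study names), versions, timestamps and the REGISTRY_CREATED map are
// constructed; a real check reads creation times from registry metadata.

// Parse "major.minor.patch" into three numbers (pre-release suffixes ignored).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Classify the bump from the trusted version to the candidate version.
function bumpKind(baseVersion, candVersion) {
  const [a, b] = [parseVersion(baseVersion), parseVersion(candVersion)];
  if (a[0] !== b[0]) return "major";
  if (a[1] !== b[1]) return "minor";
  if (a[2] !== b[2]) return "patch";
  return "none";
}

function hoursBetween(earlierIso, laterIso) {
  return (Date.parse(laterIso) - Date.parse(earlierIso)) / 3_600_000;
}

// Compare the candidate manifest's runtime dependencies with the trusted one.
// registryCreated maps package name -> ISO time the package was first
// published; maxAgeHours is the youngest package age accepted without review.
function auditRelease(baseline, candidate, registryCreated, nowIso, maxAgeHours = 72) {
  const baseDeps = baseline.dependencies || {};
  const candDeps = candidate.dependencies || {};
  const bump = bumpKind(baseline.version, candidate.version);
  const findings = [];
  for (const [name, range] of Object.entries(candDeps)) {
    if (!(name in baseDeps)) {
      const reason = bump === "patch"
        ? "new runtime dependency in a patch release"
        : "new runtime dependency";
      findings.push({ dep: name, range, reason });
    }
    const created = registryCreated[name];
    if (created === undefined) {
      findings.push({ dep: name, range, reason: "no registry creation record" });
    } else if (hoursBetween(created, nowIso) < maxAgeHours) {
      const age = hoursBetween(created, nowIso).toFixed(1);
      findings.push({ dep: name, range, reason: `package first published ${age}h ago` });
    }
  }
  for (const name of Object.keys(baseDeps)) {
    if (!(name in candDeps)) {
      findings.push({ dep: name, range: baseDeps[name], reason: "dependency removed" });
    }
  }
  return { bump, findings, verdict: findings.length ? "hold for review" : "allow" };
}

// Constructed sample: the last manifest the pipeline registered as trusted ...
const TRUSTED = {
  name: "example-lib",
  version: "1.8.2",
  dependencies: { "http-helper": "^2.0.0" },
};
// ... and a patch release that pulls in a second runtime dependency.
const CANDIDATE = {
  name: "example-lib",
  version: "1.8.3",
  dependencies: { "http-helper": "^2.0.0", "plain-crypto-js": "^1.0.0" },
};
// Constructed registry metadata: the new package is 18 hours old at check time.
const REGISTRY_CREATED = {
  "http-helper": "2019-06-01T00:00:00Z",
  "plain-crypto-js": "2026-03-30T14:00:00Z",
};
const NOW = "2026-03-31T08:00:00Z";

function runAudit() {
  const result = auditRelease(TRUSTED, CANDIDATE, REGISTRY_CREATED, NOW);
  console.log(`${CANDIDATE.name}@${CANDIDATE.version} (${result.bump} bump): ${result.verdict}`);
  for (const f of result.findings) console.log(`  ${f.dep} ${f.range}: ${f.reason}`);
  return result;
}

runAudit();
```

Two design points follow from the case study itself. The audit has to run on the manifest as resolved from the registry before install, because the payload described above rewrote its own manifest after running, so an after-the-fact read of node_modules would show a clean file. And the "registered baseline" is the pipeline's own last-approved manifest, not whatever the registry currently serves, which is the same principle the served-script baseline relies on.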
We’re working on it. And we’d rather tell you that honestly than claim we already have it solved.
This Is the Pattern Now
Ledger Connect Kit. BadgerDAO. Radiant Capital. Bybit. Axios. Every one of these incidents followed the same underlying logic: trust a package, trust a dependency, trust the registry. The compromise hides in the layer everyone assumes someone else is checking.
The industry built defences for the inside. The attack surface moved to the edges, and then further upstream still.
The Only Question Worth Asking
Run your incident response checklist. Audit for the affected versions. Rotate credentials. Block the C2 domain. All of it matters.
But the checklist is always written after the damage is done.
If your application was served with a different script than the one you deployed, right now, today, how long would it take you to find out?
With Noor Secure: minutes. For the pipeline layer we’re not there yet. But we’re building toward it.
Noor Secure is a Noor28 product. Enterprise monitoring, browser extension, and node operator program, available soon at