Malicious axios npm package versions deliver malware targeting crypto developers

Source types: reddit, rss
Tags: npm, security, supply_chain_attack, malware, crypto_development
Trend in the last 24h
Evidence preview
  • Slow Fog warns devs over malicious axios malware campaign
    crypto.news
  • Axios npm package compromised in supply chain attack (via Reddit)
    thecybersecguru.com
Overview

The widely used npm package axios was compromised in a supply chain attack: the malicious versions 1.14.1 and 0.30.4 pull in a malware dropper published as plain-crypto-js@4.2.1.

Entities
Slow Fog, axios, plain-crypto-js
Score total: 1.25
Momentum 24h: 2
Posts: 2
Origins: 2
Source types: 2
Duplicate ratio: 0%
Why now
  • Malicious axios versions were published and removed within the last 24 hours; anyone who installed them in that window is at immediate risk.
  • Crypto developers using npm are urged to audit their dependencies and rotate credentials now.
  • Security firms such as Slow Fog have issued urgent warnings with mitigation advice.
Why it matters
  • A supply chain attack on a widely used npm package can compromise the development environments of crypto projects.
  • Malware embedded in a dependency can steal credentials and install remote access trojans in blockchain projects.
  • Prompt detection and remediation are critical to protecting crypto infrastructure and developer credentials.
LLM analysis
Topic mix: low; Promo risk: low; Source quality: medium
Recurring claims
  • Malicious axios npm package versions 1.14.1 and 0.30.4 carry the malware dropper plain-crypto-js@4.2.1.
  • The compromised axios versions have been removed from the npm registry.
  • Crypto developers who installed a malicious version are advised to roll back to axios 1.14.0 and rotate all credentials.
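As an added example, not code from the original brief or from any of its sources: a small Python check that scans a project's package-lock.json for the axios versions and the dropper package named above, so a developer can triage a repository before rolling back and rotating credentials. The lockfile embedded below is constructed for illustration; only the version strings come from the brief, and the scan matches exact versions, so it is a quick triage aid rather than a full dependency audit.

```python
"""
Added example (not part of the original brief): scan an npm package-lock.json
for the axios versions and the dropper package the brief reports. Handles the
flat "packages" map of lockfileVersion 2/3 and the nested "dependencies" tree
of lockfileVersion 1.
"""
import json
from typing import Dict, List, Set, Tuple

# Indicators taken from the brief: package name -> exact affected versions.
INDICATORS: Dict[str, Set[str]] = {
    "axios": {"1.14.1", "0.30.4"},
    "plain-crypto-js": {"4.2.1"},
}

# Version the brief says to roll back to.
SAFE_AXIOS = "1.14.0"

# Constructed sample lockfile (lockfileVersion 3 layout). Only the fields the
# scanner reads are included. The nested axios under some-tool is on the safe
# version and must not be flagged.
SAMPLE_LOCK = json.dumps({
    "name": "example-dapp",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"axios": "^1.14.0"}},
        "node_modules/axios": {
            "version": "1.14.1",
            "dependencies": {"plain-crypto-js": "4.2.1"},
        },
        "node_modules/plain-crypto-js": {"version": "4.2.1"},
        "node_modules/follow-redirects": {"version": "1.15.0"},
        "node_modules/some-tool/node_modules/axios": {"version": "1.14.0"},
    },
})


def package_name(install_path: str) -> str:
    """Package name from an install path: everything after the last
    'node_modules/' segment, so scoped names like '@scope/pkg' survive."""
    return install_path.rsplit("node_modules/", 1)[-1]


def walk_v1(deps: dict, prefix: str = "") -> List[Tuple[str, str]]:
    """Flatten a lockfileVersion 1 'dependencies' tree into
    (install_path, version) pairs."""
    out: List[Tuple[str, str]] = []
    for name, meta in deps.items():
        path = f"{prefix}node_modules/{name}"
        out.append((path, meta.get("version", "")))
        out.extend(walk_v1(meta.get("dependencies", {}), path + "/"))
    return out


def installed_packages(lock: dict) -> List[Tuple[str, str]]:
    """(install_path, version) for every installed package in the lockfile."""
    if "packages" in lock:  # lockfileVersion 2 or 3
        return [(p, m.get("version", "")) for p, m in lock["packages"].items() if p]
    return walk_v1(lock.get("dependencies", {}))


def scan_lockfile(text: str) -> List[dict]:
    """Return one finding per installed package that matches an indicator,
    with the remediation the brief recommends."""
    lock = json.loads(text)
    findings: List[dict] = []
    for path, version in installed_packages(lock):
        name = package_name(path)
        if version in INDICATORS.get(name, set()):
            action = (f"roll back to axios {SAFE_AXIOS} and rotate credentials"
                      if name == "axios" else "remove package and rotate credentials")
            findings.append({"path": path, "name": name,
                             "version": version, "action": action})
    return findings


if __name__ == "__main__":
    for f in scan_lockfile(SAMPLE_LOCK):
        print(f"{f['path']}@{f['version']}: {f['action']}")
```

Run it against a real project by replacing `SAMPLE_LOCK` with the contents of `package-lock.json`; a clean result only means none of the listed versions are pinned in the lockfile, and the credential rotation the brief calls for still applies if a malicious version was ever installed.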
How sources frame it
  • Slow Fog Security Firm: neutral
Monitor for any further developments or related supply chain attacks affecting crypto development.