Twitter/X

On 2026-03-31 Karpathy reported a supply-chain attack targeting npm axios…

Brief

Axios was reported compromised on 2026-03-31: Karpathy found an unpinned googleworkspace/cli import that could have pulled a malicious latest axios (his system resolved to axios@1.13.5) and described axios as the most popular HTTP client with 300M weekly downloads. Feross says axios@1.14.1 pulls plain-crypto-js@4.2.1, an obfuscated dropper; both urge pinning versions and auditing lockfiles.

Why it matters

On 2026-03-31 Karpathy reported a supply-chain attack targeting npm axios, calling it the “most popular HTTP client” with 300M weekly downloads; he found an unpinned googleworkspace/cli import that would have resolved to the compromised latest if installed earlier, though his environment resolved to unaffected axios@1.13.5.

Key details

  • Feross reports that axios@1.14.1 now pulls in a newly created plain-crypto-js@4.2.1, which he identifies as an obfuscated dropper: it deobfuscates payloads at runtime, dynamically loads fs/os/execSync, executes shell commands, stages files into the OS temp directory and Windows ProgramData, and deletes or renames its artifacts. He labels this a live compromise and warns that axios has 100M+ weekly downloads.
  • Immediate mitigations advised: pin axios to a known-good version, audit lockfiles, do not upgrade to the compromised release, and consider release-age constraints or containerized installs; Karpathy argues npm/pip defaults must change to stop unpinned dependency infections from spreading at scale.