Axios npm Supply Chain Attack: Incident Analysis & Response Guide Publication Date: March 31, 2026 Incident Date: March 31, 2026 (00:21–03:29 UTC) Severity Level: Critical Executive Summary What This Means The Incident On March 31, 2026, the Axios JavaScript library—one of the most widely used HTTP request packages in the world—was compromised through an attacker gaining unauthorized access to the npm account of a core maintainer. Two malicious versions (1.14.1 and 0.

Axios Supply Chain Attack: CrowdStrike Falcon Mitigation Guide Incident Date: March 31, 2026 (00:21–03:29 UTC) Guide Published: April 1, 2026 Severity: Critical Platform: CrowdStrike Falcon (All tiers) For the full incident narrative and non-Falcon detection logic, see the companion article: Axios npm Supply Chain Attack: Incident Analysis & Response Guide Overview On March 31, 2026, threat actors published two backdoored versions of the axios npm package (1.14.1 and 0.30.4) by compromising maintainer jasonsaayman’s npm account.