Axios Got Hijacked and npm Already Knew
March 31, 2026 · 282 words · 1 min read
The axios hijack bypassed CI entirely and the registry made it visible.
Two days ago I wrote about dependency cooldowns. Today axios got hijacked. Good timing!
In my setup, the configuration I use (min-release-age=3d) would have blocked both malicious versions (1.14.1 and 0.30.4), but not for the right reason!
In this case, the attacker didn't publish a new package. They hijacked the primary maintainer's npm account directly, staged a fake dependency (plain-crypto-js@4.2.1) almost a full day in advance, then published backdoored releases under the maintainer's real name. The cooldown worked only because the staged package was 18 hours old, and that's just luck. Had they staged the attack a week in advance, the cooldown would have done nothing.
Funny enough, the actual signal that showed exactly what was happening was sitting in the registry the whole time. Every legitimate axios release is published via GitHub Actions with OIDC Trusted Publishers, and the metadata is public:
npm view axios@1.14.0 _npmUser
# { name: 'GitHub Actions', email: 'npm-oidc-no-reply@github.com', trustedPublisher: { id: 'github', ... } }
npm view axios@1.14.1 _npmUser
# { name: 'jasonsaayman', email: 'ifstap@proton.me' }

The OIDC token is ephemeral and workflow-scoped, so it can't be stolen; this release therefore bypassed CI entirely, and the registry shows it as coming from a non-trusted publisher. That is a huge signal that something is wrong, but it's not surfaced anywhere in the standard workflow. You have to know to check for it, and then you have to know how.
npm has had Trusted Publishers since 2023. For packages that use it, a version without that binding is worth looking at before you install. I'll probably add a check for this in my release process, but it would be nice if npm handled this a bit more prominently. Maybe a warning when installing a version that doesn't have a trusted publisher, or at least a badge on the package page.
StepSecurity's full breakdown is definitely worth reading.