Listen to this Post

Introduction
The npm ecosystem, the backbone of modern JavaScript development, has been under siege. In March and May 2026, a series of catastrophic supply chain attacks, including the compromise of the Axios library (with over 100 million weekly downloads) and the TanStack framework, demonstrated that traditional security measures are no longer sufficient. These sophisticated campaigns, attributed to North Korea-nexus actors and the threat group TeamPCP, used tactics ranging from social engineering of maintainers to exploiting GitHub Actions for self-propagating worm-like behavior, turning the very tools developers trust into vectors for credential theft and remote access trojans (RATs).
Learning Objectives
- Analyze the technical mechanics of the 2026 Axios and TanStack npm supply chain attacks, including the specific methods of propagation.
- Implement proactive supply chain defenses, including dependency cooldowns, immutable lockfiles, and advanced npm audit configurations.
- Detect and Respond with hands-on Sigma rules, Linux/Windows forensic commands, and automated CI/CD scanning to prevent future compromises.
You Should Know
- Dissecting the Axios & TanStack Compromises: A Technical Deep Dive
The March 2026 compromise of Axios served as a wake-up call. Attackers didn’t find a vulnerability in the code; they exploited the human element, compromising the npm account of a lead maintainer. They then published two malicious versions (1.14.1and0.30.4) that added a typosquatted dependency namedplain-crypto-js.
A month later, the TanStack attack revealed an even more advanced vector: exploitation of GitHub Actions. Attackers created a fork, opened a pull request to trigger a `pull_request_target` workflow, poisoned the GitHub Actions cache, and extracted OIDC tokens directly from the runner’s process memory to publish malicious packages.
Step‑by‑step guide explaining what this does and how to use it: Identifying and Exploiting the Attack Vectors
- Account Takeover (Axios): Attackers change maintainer email, publish new versions directly bypassing CI/CD.
- Dependency Injection: The `postinstall` script of `plain-crypto-js` runs, downloading a cross-platform RAT from
sfrclak.com:8000. - CI/CD Poisoning (TanStack): Malicious code poisons `pnpm` store cache. When a legitimate maintainer merges a PR, the poisoned artifact is used for publishing.
4. Detection Commands:
Check for malicious plain-crypto-js:
Linux / macOS npm list plain-crypto-js grep -r "plain-crypto-js" package-lock.json
Verify npm Account Activity (if you are a maintainer):
npm profile get --json Check for unexpected email changes or linked accounts
Windows PowerShell (Check for malicious RAT indicators):
Check for scheduled tasks or suspicious run keys
Get-ScheduledTask | Where-Object {$_.TaskName -like "MicrosoftUpdate"}
Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
Get-ChildItem -Path "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup"
2. Implementing Dependency Cooldown and Immutable Lockfiles
The speed of these attacks (malicious versions live for less than 3 hours) requires a new approach. Instead of always installing the latest version, you should introduce a “dependency cooldown” period. This security control, now supported by major package managers, skips newly published versions for a set period (e.g., 72 hours), giving the security community time to flag a package before it enters your build.
Step‑by‑step guide explaining what this does and how to use it: Hardening Your Package Installation Pipeline
- Enable `–no-save` in Ephemeral Environments (CI): Ensure CI builds don’t accidentally update lockfiles.
Force use of the exact versions from lockfile npm ci
2. Configure `pnpm` and `yarn` for Cooldown:
pnpm (>= 8.x): Set `dependency-cooldown-days` to `3`.
.npmrc dependency-cooldown-days=3 auto-install-peers=true
Yarn (>= 4.x): Use `yarn-audit-known-issues` and configure yarnrc.yml.
.yarnrc.yml unsafeHttpWhitelist: [] npmScopes: your-company: npmAlwaysAuth: true
3. Enforce Lockfile Integrity:
Ensure your lockfile is committed and not ignored git add package-lock.json pnpm-lock.yaml yarn.lock Verify integrity on every install npm ci --ignore-scripts
4. Use `overrides` to Force Safe Versions (npm): In your package.json, you can force a specific version for a transitive dependency to prevent malicious versions from being pulled in.
{
"overrides": {
"axios": "1.14.0",
"plain-crypto-js": "none"
}
}
3. Automated CI/CD Defenses Against Token Theft
The TanStack attack highlighted a critical vulnerability: OIDC token exposure in GitHub Actions. These tokens, essentially temporary, scoped credentials, were extracted from /proc/<pid>/mem. To defend against this, you must lock down your CI/CD pipeline permissions and implement strict token controls.
Step‑by‑step guide explaining what this does and how to use it: Securing GitHub Actions Workflows
- Limit GITHUB_TOKEN Permissions: Set `permissions: read-all` at the top of your workflow.
name: Build on: [bash] permissions: contents: read Grant only read permissions packages: read id-token: none Disable OIDC entirely if not needed jobs: build: runs-on: ubuntu-latest steps:</li> </ol> - name: Checkout code uses: actions/checkout@v4
2. Sandbox External PRs: Never allow `pull_request_target` workflows to check out the PR’s code directly without explicit approval. Use a separate, low-privilege token.
3. Rotate and Scrutinize Tokens: Run a script to check if any of your project’s npm tokens were used from an unusual IP.Check your npm token access logs (npm audit tokens) npm token list If you suspect a compromise, revoke and recreate all tokens npm token revoke <token-id>
4. Implement a Custom Security Check in CI: Add a step to scan for suspicious dependency additions.
Compare the list of installed packages before and after installation npm list --depth=0 --json > before.json npm install npm list --depth=0 --json > after.json Use a diff tool to flag any new unexpected packages like 'plain-crypto-js' In your CI script, fail the build if a suspicious package is found
What Undercode Say
- Trust is not a security control: The Axios and TanStack compromises prove that high download counts and reputable maintainers are not guarantees of safety. Implement “zero trust” for your dependencies, treating every `npm install` as a potential threat.
- The shift-left movement is now a mandate: Security cannot be an afterthought. Integrating advanced SCA scanning, dependency cooldown, and immutable lockfiles directly into the CI/CD pipeline from the first line of code is the only viable defense.
The era of blindly trusting the npm registry is over. The attacks of 2026 show a determined, sophisticated adversary willing to burn significant assets to compromise the software supply chain. The only reliable defense is a multilayered strategy that combines technical controls (cooldowns, scanning, sandboxing), process changes (lockfile discipline, least-privilege CI), and a culture of skepticism. Organizations that fail to adapt will inevitably find their build servers exfiltrating credentials to domains like `sfrclak[.]com` or their CI tokens publishing malware under their own name. The tools are available; the playbook is written. Your move.
▶️ Related Video (76% Match):
🎯Let’s Practice For Free:
IT/Security Reporter URL:
Reported By: Daniel Scheidt – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeTesting & Stay Tuned:


