From Axios to TanStack: The 2026 npm Supply Chain Apocalypse and How to Fortify Your Pipeline + Video

Listen to this Post

Featured Image

Introduction

The npm ecosystem, the backbone of modern JavaScript development, has been under siege. In March and May 2026, a series of catastrophic supply chain attacks, including the compromise of the Axios library (with over 100 million weekly downloads) and the TanStack framework, demonstrated that traditional security measures are no longer sufficient. These sophisticated campaigns, attributed to North Korea-nexus actors and the threat group TeamPCP, used tactics ranging from social engineering of maintainers to exploiting GitHub Actions for self-propagating worm-like behavior, turning the very tools developers trust into vectors for credential theft and remote access trojans (RATs).

Learning Objectives

  • Analyze the technical mechanics of the 2026 Axios and TanStack npm supply chain attacks, including the specific methods of propagation.
  • Implement proactive supply chain defenses, including dependency cooldowns, immutable lockfiles, and advanced npm audit configurations.
  • Detect and Respond with hands-on Sigma rules, Linux/Windows forensic commands, and automated CI/CD scanning to prevent future compromises.

You Should Know

  1. Dissecting the Axios & TanStack Compromises: A Technical Deep Dive
    The March 2026 compromise of Axios served as a wake-up call. Attackers didn’t find a vulnerability in the code; they exploited the human element, compromising the npm account of a lead maintainer. They then published two malicious versions (1.14.1 and 0.30.4) that added a typosquatted dependency named plain-crypto-js.

A month later, the TanStack attack revealed an even more advanced vector: exploitation of GitHub Actions. Attackers created a fork, opened a pull request to trigger a `pull_request_target` workflow, poisoned the GitHub Actions cache, and extracted OIDC tokens directly from the runner’s process memory to publish malicious packages.

Step‑by‑step guide explaining what this does and how to use it: Identifying and Exploiting the Attack Vectors

  1. Account Takeover (Axios): Attackers change maintainer email, publish new versions directly bypassing CI/CD.
  2. Dependency Injection: The `postinstall` script of `plain-crypto-js` runs, downloading a cross-platform RAT from sfrclak.com:8000.
  3. CI/CD Poisoning (TanStack): Malicious code poisons `pnpm` store cache. When a legitimate maintainer merges a PR, the poisoned artifact is used for publishing.

4. Detection Commands:

Check for malicious plain-crypto-js:

 Linux / macOS
npm list plain-crypto-js
grep -r "plain-crypto-js" package-lock.json

Verify npm Account Activity (if you are a maintainer):

npm profile get --json
 Check for unexpected email changes or linked accounts

Windows PowerShell (Check for malicious RAT indicators):

 Check for scheduled tasks or suspicious run keys
Get-ScheduledTask | Where-Object {$_.TaskName -like "MicrosoftUpdate"}
Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
Get-ChildItem -Path "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup"

2. Implementing Dependency Cooldown and Immutable Lockfiles

The speed of these attacks (malicious versions live for less than 3 hours) requires a new approach. Instead of always installing the latest version, you should introduce a “dependency cooldown” period. This security control, now supported by major package managers, skips newly published versions for a set period (e.g., 72 hours), giving the security community time to flag a package before it enters your build.

Step‑by‑step guide explaining what this does and how to use it: Hardening Your Package Installation Pipeline

  1. Enable `–no-save` in Ephemeral Environments (CI): Ensure CI builds don’t accidentally update lockfiles.
    Force use of the exact versions from lockfile
    npm ci
    

2. Configure `pnpm` and `yarn` for Cooldown:

pnpm (>= 8.x): Set `dependency-cooldown-days` to `3`.

 .npmrc
dependency-cooldown-days=3
auto-install-peers=true

Yarn (>= 4.x): Use `yarn-audit-known-issues` and configure yarnrc.yml.

 .yarnrc.yml
unsafeHttpWhitelist: []
npmScopes:
your-company:
npmAlwaysAuth: true

3. Enforce Lockfile Integrity:

 Ensure your lockfile is committed and not ignored
git add package-lock.json pnpm-lock.yaml yarn.lock
 Verify integrity on every install
npm ci --ignore-scripts

4. Use `overrides` to Force Safe Versions (npm): In your package.json, you can force a specific version for a transitive dependency to prevent malicious versions from being pulled in.

{
"overrides": {
"axios": "1.14.0",
"plain-crypto-js": "none"
}
}

3. Automated CI/CD Defenses Against Token Theft

The TanStack attack highlighted a critical vulnerability: OIDC token exposure in GitHub Actions. These tokens, essentially temporary, scoped credentials, were extracted from /proc/<pid>/mem. To defend against this, you must lock down your CI/CD pipeline permissions and implement strict token controls.

Step‑by‑step guide explaining what this does and how to use it: Securing GitHub Actions Workflows

  1. Limit GITHUB_TOKEN Permissions: Set `permissions: read-all` at the top of your workflow.
    name: Build
    on: [bash]
    permissions:
    contents: read  Grant only read permissions
    packages: read
    id-token: none  Disable OIDC entirely if not needed
    jobs:
    build:
    runs-on: ubuntu-latest
    steps:</li>
    </ol>
    
    - name: Checkout code
    uses: actions/checkout@v4
    

    2. Sandbox External PRs: Never allow `pull_request_target` workflows to check out the PR’s code directly without explicit approval. Use a separate, low-privilege token.
    3. Rotate and Scrutinize Tokens: Run a script to check if any of your project’s npm tokens were used from an unusual IP.

     Check your npm token access logs (npm audit tokens)
    npm token list
     If you suspect a compromise, revoke and recreate all tokens
    npm token revoke <token-id>
    

    4. Implement a Custom Security Check in CI: Add a step to scan for suspicious dependency additions.

     Compare the list of installed packages before and after installation
    npm list --depth=0 --json > before.json
    npm install
    npm list --depth=0 --json > after.json
     Use a diff tool to flag any new unexpected packages like 'plain-crypto-js'
     In your CI script, fail the build if a suspicious package is found
    

    What Undercode Say

    • Trust is not a security control: The Axios and TanStack compromises prove that high download counts and reputable maintainers are not guarantees of safety. Implement “zero trust” for your dependencies, treating every `npm install` as a potential threat.
    • The shift-left movement is now a mandate: Security cannot be an afterthought. Integrating advanced SCA scanning, dependency cooldown, and immutable lockfiles directly into the CI/CD pipeline from the first line of code is the only viable defense.

    The era of blindly trusting the npm registry is over. The attacks of 2026 show a determined, sophisticated adversary willing to burn significant assets to compromise the software supply chain. The only reliable defense is a multilayered strategy that combines technical controls (cooldowns, scanning, sandboxing), process changes (lockfile discipline, least-privilege CI), and a culture of skepticism. Organizations that fail to adapt will inevitably find their build servers exfiltrating credentials to domains like `sfrclak[.]com` or their CI tokens publishing malware under their own name. The tools are available; the playbook is written. Your move.

    ▶️ Related Video (76% Match):

    🎯Let’s Practice For Free:

    IT/Security Reporter URL:

    Reported By: Daniel Scheidt – Hackers Feeds
    Extra Hub: Undercode MoN
    Basic Verification: Pass ✅

    🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

    💬 Whatsapp | 💬 Telegram

    📢 Follow UndercodeTesting & Stay Tuned:

    𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky