UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack Ravie LakshmananApr 03, 2026Threat Intelligence / Malware The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Maintainer Jason Saayman said the attackers tailored their social engineering efforts "specifically to me" by first approaching him under the guise of the founder of a legitimate, well-known company. "They had cloned the company's founders' likeness as well as the company itself," Saayman said in a post-mortem of the incident. "They then invited me to a real Slack workspace. This workspace was branded to the company's CI and named in a plausible manner. The Slack [workspace] was thought out very well; they had channels where they were sharing LinkedIn posts." Subsequently, the threat actors are said to have scheduled a meeting with him on Microsoft Teams. Upon joining the fake call, he was presented with a fake error message that stated "something on my system was out of date." As soon as the update was triggered, the attack led to the deployment of a remote access trojan. The access afforded by the trojan enabled the attackers to steal the npm account credentials necessary to publish two trojanized versions of the Axios npm package (1.14.1 and 0.30.4) containing an implant named WAVESHAPER.V2. "Everything was extremely well coordinated, looked legit, and was done in a professional manner," Saayman added. Source: Kaspersky The attack chain described by the project maintainer shares considerable overlaps with tradecraft associated with UNC1069 and BlueNoroff. Details of the campaign were extensively documented by Huntress and Kaspersky last year, with the latter tracking it under the moniker GhostCall. In these attacks, users are displayed an error message seconds after joining the call, stating that their system is not functioning properly and instructing them to download a malicious Zoom or Teams SDK through a ClickFix-like pop-up message. Depending on the operating system of the victim, this action leads to the execution of an AppleScript (for macOS) or a PowerShell (for Windows) script. One of the malicious payloads deployed as part of the attack chain is a Nim-based maCOS backdoor (or a Go variant written for Windows) called CosmicDoor that delivers a comprehensive stealer suite dubbed SilentSiphon to capture credentials from web browsers and password managers, and secrets associated with GitHub, GitLab, Bitbucket, npm, Yarn, Python pip, RubyGems, Rust argo, and .NET NuGet. "Historically, [...] these specific guys have gone after crypto founders, VCs, public people," security researcher Taylor Monahan said. "They social engineer them and take over their accounts and target the next round of people. This evolution to targeting [OSS maintainers] is a bit concerning in my opinion." As preventive steps, Saayman has outlined several changes, including resetting all devices and credentials, setting up immutable releases, adopting OIDC flow for publishing, and updating GitHub Actions to adopt best practices. The findings demonstrate how open-source project maintainers are increasingly becoming the target of sophisticated attacks, effectively allowing threat actors to target downstream users at scale by publishing poisoned versions of highly popular packages. With Axios attracting nearly 100 million weekly downloads and being used heavily across the JavaScript ecosystem, the blast radius of such a supply chain attack can be massive as it propagates swiftly through direct and transitive dependencies. "A package as widely used as Axios being compromised shows how difficult it is to reason about exposure in a modern JavaScript environment," Socket's Ahmad Nassri said. "It is a property of how dependency resolution in the ecosystem works today." Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  Credential Theft, cybersecurity, JavaScript, Malware, North Korea, NPM, Open Source, social engineering, supply chain attack, Threat Intelligence Trending News China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits and 20 More Stories Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers and More Load More ▼ Popular Resources [Guide] Learn How to Govern AI Agents With Proven Market Guidance Detect AI-Driven Threats Faster With Full Network Visibility SANS SEC401: Get Hands On Skills to Detect and Respond to Cyber Threats [Demo] Discover SaaS Risks and Monitor Every App in Your Environment