    Slow Fog warns devs over malicious axios malware campaign

    March 31, 2026



    Slow Fog flags malicious axios releases pulling in plain-crypto-js malware, exposing crypto developers to cross-platform RATs and stolen credentials via npm.

    Blockchain security firm Slow Fog has issued an urgent security reminder after newly published axios@1.14.1 and axios@0.3.4 releases pulled in a malicious dependency, plain-crypto-js, turning one of JavaScript’s most widely used HTTP clients into a supply chain weapon against crypto developers. Axios sees more than 80 million weekly downloads on npm, meaning even a short-lived compromise can ripple across wallet backends, trading bots, exchanges and DeFi infrastructure built on Node.js. In its advisory, Slow Fog warned that “users who installed [email protected] via npm install -g are potentially exposed,” recommending immediate credential rotation and thorough host-side investigation for signs of compromise.

    The attack hinges on a fake cryptography package, plain-crypto-js, which is silently added as a new dependency and used solely to execute an obfuscated postinstall script that drops a cross-platform remote access trojan targeting Windows, macOS and Linux systems.

    Security firm StepSecurity explained that “neither malicious version contains a single line of malicious code inside Axios itself,” and that instead “both inject a fake dependency, [email protected], whose only purpose is to run a postinstall script that deploys a cross-platform remote access trojan (RAT).” Socket’s research team noted that the malicious plain-crypto-js package was published just minutes before the compromised axios release, calling it a “coordinated supply chain attack” against the JavaScript ecosystem.

    According to StepSecurity, the malicious axios releases were pushed using stolen npm credentials belonging to primary maintainer “jasonsaayman,” allowing attackers to bypass the project’s usual GitHub-based release flow. “It’s a live supply chain compromise in [email protected], which newly depends on [email protected]—a package published hours earlier and identified as obfuscated malware that executes shell commands and erases traces,” security engineer Julian Harris wrote on LinkedIn. npm has now removed the malicious versions and reverted the axios resolution back to 1.14.0, but any environment that pulled 1.14.1 or 0.3.4 during the attack window remains at risk until secrets are rotated and systems are rebuilt.

    The compromise echoes earlier npm incidents that directly targeted crypto users, including a 2025 campaign in which 18 popular packages like chalk and debug silently swapped wallet addresses to steal funds, prompting Ledger CTO Charles Guillemet to warn that “the affected packages have already been downloaded over 1 billion times.” Researchers have also documented npm malware stealing keys from Ethereum, XRP and Solana wallets, and SlowMist has estimated that crypto hacks and frauds, including backdoored packages and AI-assisted supply chain attacks, caused more than $2.3 billion in losses in the first half of 2025 alone. For now, Slow Fog’s advice is blunt: downgrade axios to 1.14.0, audit dependencies for any trace of plain-crypto-js or openclaw, and assume that any credentials touched by those environments are compromised.

    In a previous crypto.news story on JavaScript supply chain attacks, Ledger’s Guillemet warned that compromised npm packages with more than 2 billion weekly downloads posed a systemic risk to dApps and wallets built on Node.js. Another story detailed how North Korea’s Lazarus Group planted malicious npm packages to backdoor developer environments and target Solana and Exodus wallet users. A third crypto.news story on next-generation malware showed how backdoor supply chain attacks via npm and low-cost AI tools helped criminals remotely control over 4,200 developer machines and contributed to billions of dollars in crypto losses.


