Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Axios package hijack and machine-speed defense: what teams missed


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 10745
Topic starter  

TL;DR: A North Korean actor hijacked the npm credentials of the primary Axios maintainer, published two backdoored releases, and triggered 600,000 downloads in about three hours, with the first infection seen 89 seconds after publication, according to SentinelOne. Legacy token coexistence, not just modern publishing controls, created the exploit window that made the compromise effective.

NHIMG editorial — based on content published by SentinelOne: a guide to the suspected North Korean cyber attack and how SentinelOne defends against it at machine speed

By the numbers:

Questions worth separating out

Q: What breaks when a long-lived npm token is left active after adopting OIDC publishing?

A: The newer publishing path stops being authoritative because the fallback credential can still authenticate.

Q: Why do supply chain compromises of developer tools create such a large identity risk?

A: Developer tools often sit on top of the most sensitive non-human identities in the environment.

Q: What do security teams get wrong about package provenance and trusted publishing?

A: They often assume provenance replaces older authentication paths automatically.

Practitioner guidance

  • Remove legacy publishing tokens immediately Inventory every npm, CI/CD, and repository credential that can still publish or sign releases.
  • Treat package installation as execution Disable or tightly limit postinstall script execution in build pipelines, especially where external dependencies are introduced.
  • Scope developer endpoints as credential-bearing assets Include developer workstations and CI runners in the same secrets and identity review processes used for production systems.

What's in the full article

SentinelOne's full analysis covers the operational detail this post intentionally leaves for the source:

  • Step-by-step containment guidance for Axios-related artifacts across Windows, macOS, Linux, and CI runners
  • Detailed indicator lists, including DNS, IP, file paths, and package hashes used for hunting
  • Exact console queries and Storyline review steps for environment-specific triage
  • The full credential rotation checklist for npm, SSH, CI/CD, cloud, and signing material

👉 Read SentinelOne's analysis of the Axios supply chain compromise and machine-speed response →

Axios package hijack and machine-speed defense: what teams missed?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 10300
 

Identity trust in software supply chains is now a standing NHI governance problem, not a release-management issue. The attacker did not need to break cryptography or defeat federated authentication at scale. They needed a valid maintainer identity with a legacy token that still outranked the intended publishing path. That means software release governance must be treated as identity lifecycle governance, where revocation, deprecation, and token precedence are first-class controls. Practitioners should stop treating package publishing as an isolated developer workflow and start treating it as privileged non-human identity management.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
  • 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time.

A question worth separating out:

Q: Who is accountable when a compromised maintainer credential exposes downstream environments?

A: Accountability sits with the teams that own token lifecycle, publishing policy, and secrets governance, not just with the maintainer whose identity was stolen. In practice, this spans platform engineering, security architecture, and application owners because the attack abuses organisational trust in the software delivery chain.

👉 Read our full editorial: Supply chain identity abuse is compressing response windows for teams



   
ReplyQuote
Share: