axios Was Compromised on npm — What Happened, How It Works, and What You Must Do Right Now

TL;DR — axios@1.14.1 and axios@0.30.4 were compromised on March 31, 2026. A hijacked maintainer account published malicious versions that silently install a Remote Access Trojan on macOS, Windows, and Linux — and self-destruct to avoid detection. If you ran npm install in the last 24 hours, check your system NOW. The Package That Powers the Internet Just Got Weaponized axios has over 100 million weekly downloads. It's in nearly every JavaScript project on the planet — startups,