I have a truly wonderful piece of news for you today. Because the smarter artificial intelligence gets, the more people find creative ways to use it. To make our already difficult lives just a little bit harder.
I'm not talking about price increases or politics. I'm talking about attacks on software you use every single day. Imagine someone poisoning not the food at the supermarket, but the raw ingredients – the water, the flour – before anything is even produced. That's exactly what's happening right now. In the software world.
39 minutes. That was all it took.
In 39 minutes, attackers compromised both release versions of Axios on npm – a JavaScript package with over 100 million weekly downloads. 3 platforms, 3 payloads: Windows, macOS, Linux. Anyone who ran "npm install" during that window automatically picked up a state-sponsored trojan. Completely automatically. Without noticing a thing.
Why libraries are the new target
Back in the day, hackers attacked banks. That was effort. That was risk. That had consequences. Today they think more strategically. Why rob a single bank when you can crack the key factory that makes all the locks?
Software libraries – small building blocks that millions of developers use every day – those are the factories. Axios, for example. An npm package. Used by billions of devices worldwide every single day. Not by one bank. Not by one organization. By everyone.
Microsoft calls the group responsible "Sapphire Sleet". Google knows them internally by a different name. Both agree: state-sponsored actors from North Korea.
Incident 1: Axios npm – 39 minutes was enough
On March 31, 2026, two new npm releases of Axios were identified as malicious. The attackers had compromised the maintainer account and injected a hidden dependency ("plain-crypto-js") that automatically installed a remote access trojan – via a so-called postinstall hook. Anyone who ran a normal update during this window was affected.
Incident 2: WordPress plugins – 8 months of patience
A buyer named "Kris" acquired more than 30 WordPress plugins on the platform Flippa for a six-figure sum – with over 400,000 installations and more than 15,000 customers. In version 2.6.7, a backdoor was slipped in as an innocuous changelog entry. And then Kris waited. 8 months. On April 5, 2026, the backdoor was activated for 6 hours and 44 minutes. Regular visitors saw nothing. Only Google's crawler.
Incident 3: Vercel via Context.ai – 1 app connection, $2 million
A Vercel employee connected an AI tool called Context.ai to their company account. Thousands of people do this every single day. But Context.ai itself was compromised – and through that OAuth pathway, attackers took over the employee's account. Access to internal systems, unencrypted credentials from customer projects. The ShinyHunters group then offered the stolen data for $2 million.
What these three incidents have in common
They were discovered. That sounds reassuring. But it isn't.
The WordPress backdoor remained undiscovered for 8 months. The Axios attack was completed in 39 minutes – faster than any security team can react. And Anthropic has warned us that their own AI systems are so capable that they would be better hackers than real hackers. And better security experts than real security experts.
What we're seeing is probably just the tip of what this iceberg has in store for us beneath the surface.
The key takeaway
Every software update is a potential entry point. Every third-party connection a risk. You can protect yourself – multi-factor authentication, vetted dependencies, software analysis. Or you can understand how these attacks work and decide for yourself which risks you're willing to take. One of those two options has a better track record. I'll leave the conclusion to you.
Sources
-
Microsoft Security Blog: Mitigating the Axios npm supply chain compromise
Microsoft's detailed analysis of the Axios attack, attribution to "Sapphire Sleet":
microsoft.com – Axios npm supply chain compromise -
Google Cloud Blog: North Korea Threat Actor Targets Axios NPM Package
Google's threat intelligence analysis and attribution to UNC1069:
cloud.google.com – North Korea targets Axios -
Trend Micro: Axios NPM Package Compromised
Trend Micro's security analysis of the supply chain attack:
trendmicro.com – Axios NPM Package Compromised -
Patchstack: Critical Supply Chain Compromise on 20+ Plugins by EssentialPlugin
Detailed analysis of the WordPress plugin backdoor attack:
patchstack.com – EssentialPlugin supply chain compromise -
TechCrunch: App host Vercel says it was hacked and customer data stolen
TechCrunch report on the Vercel breach via Context.ai:
techcrunch.com – Vercel security incident via Context.ai