AXIOS NPM Alert
Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Description
Malicious code injected in AXIOS NPM package. The injected malicious code allows the attacker to perform unauthorized modification on the affected applications.
Affected Packages:
• axios@1.14.1
• axios@0.30.4
Best Practice And Recommendations
The CERT team encourages users to perform the following:
2. Reinstall the affected package with an unaffected version.
3. Remove the dependency (plain-crypto-js)
4. Review the logs of the affected systems to rule out any suspicious activities or connections to the related IoCs. If a malicious activity is detected; Isolate the affected system, activate the incident response plan.
5. Reset all credentials and access tokens on the affected systems.
Critical Security Alerts
Warning Number:
2026-7394
Severity Level
Warning Date
08/04/2026
Target sector
Warning Number:
2026-7393
Severity Level
Warning Date
08/04/2026
Target sector
Warning Number:
2026-7392
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7391
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7390
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7389
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7388
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7387
Severity Level
Warning Date
07/04/2026
Target sector
Warning Number:
2026-7386
Severity Level
Warning Date
07/04/2026
Target sector
Last Update at: 07/04/2026 - 9:10pm Saudi time