{"id":3914,"date":"2026-04-24T10:40:43","date_gmt":"2026-04-24T10:40:43","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2026\/04\/24\/axios-npm-supply-chain-compromise-guidance-for-azure-pipelines-customers\/"},"modified":"2026-04-24T10:40:43","modified_gmt":"2026-04-24T10:40:43","slug":"axios-npm-supply-chain-compromise-guidance-for-azure-pipelines-customers","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2026\/04\/24\/axios-npm-supply-chain-compromise-guidance-for-azure-pipelines-customers\/","title":{"rendered":"Axios npm Supply Chain Compromise \u2013 Guidance for Azure Pipelines Customers"},"content":{"rendered":"<p>On <strong>March 31, 2026<\/strong>, malicious versions of the widely used JavaScript HTTP client library <strong>Axios<\/strong> were briefly published to the npm registry as part of a supply chain attack.<\/p>\n<p>The affected versions \u2014 <strong>1.14.1<\/strong> and <strong>0.30.4<\/strong> \u2014 included a hidden malicious dependency that executed during installation and connected to attacker-controlled command-and-control (C2) infrastructure to retrieve a second-stage payload.<\/p>\n<p>Because modern development workflows frequently rely on automated dependency resolution during CI\/CD builds, environments such as developer workstations and build agents\u2014including those used in Azure Pipelines\u2014may have been exposed if they resolved the compromised versions during installation or update.<\/p>\n<p>For a detailed technical analysis of the attack and recommended mitigations, please refer to the Microsoft Security Blog:<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/04\/01\/mitigating-the-axios-npm-supply-chain-compromise\/\">Mitigating the Axios npm Supply Chain Compromise<\/a> on the Microsoft Security Blog.<\/p>\n<h2>Impact on Azure Pipelines<\/h2>\n<p>This incident <strong>does not represent a compromise of Azure Pipelines itself<\/strong>.<\/p>\n<p>Customers who:<\/p>\n<ul>\n<li>Use <strong>Microsoft-hosted agents<\/strong>, and<\/li>\n<li>Run only <strong>Microsoft-authored built-in tasks<\/strong><\/li>\n<\/ul>\n<p>are <strong>not affected by any compromise of the Azure Pipelines platform or hosted agent infrastructure<\/strong> as a result of this npm ecosystem attack.<\/p>\n<p>Azure Pipelines Microsoft-hosted agents execute jobs on Microsoft-managed virtual machines. Each pipeline job runs on a newly provisioned VM that is discarded after the job completes. Any changes made during a job are not persisted to subsequent jobs. See <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/devops\/pipelines\/agents\/hosted?view=azure-devops\">Microsoft-hosted agents for Azure Pipelines<\/a> and <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/devops\/pipelines\/agents\/agents?view=azure-devops\">Azure Pipelines agents<\/a> on Microsoft Learn.<\/p>\n<p>However, CI\/CD pipelines execute customer-defined workflows, including installing third-party dependencies during build time. If a pipeline run installed one of the malicious Axios versions, code executed during package installation, and any credentials or secrets available to that affected job should be treated as potentially exposed.<\/p>\n<h2>If Your Pipelines Include Custom Scripts, Extensions, Self-Hosted Agents, or Containers, We Recommend the Following Actions<\/h2>\n<p>You may be at risk if your Azure Pipelines workflows include:<\/p>\n<ul>\n<li>Custom pipeline scripts<\/li>\n<li>Third-party extensions installed from the Marketplace<\/li>\n<li>Self-hosted agents<\/li>\n<li>Containerized build environments<\/li>\n<\/ul>\n<h3>Review Self-Hosted Agents<\/h3>\n<p>Self-hosted agents are customer-managed compute infrastructure used to run pipeline jobs. See <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/devops\/pipelines\/agents\/agents?view=azure-devops\">Azure Pipelines agents<\/a> on Microsoft Learn.<\/p>\n<p>Self-hosted agents that executed pipeline builds during the compromise window may have:<\/p>\n<ul>\n<li>Installed malicious dependencies<\/li>\n<li>Persisted compromised packages in local caches<\/li>\n<li>Exposed credentials accessible during pipeline execution<\/li>\n<\/ul>\n<p>We recommend:<\/p>\n<ul>\n<li>Reimaging or rebuilding affected agents<\/li>\n<li>Reviewing agent activity logs during the relevant timeframe<\/li>\n<li>Rotating credentials used by affected agents<\/li>\n<\/ul>\n<h3>Audit Third-Party or Custom Pipeline Tasks<\/h3>\n<p>Review whether any:<\/p>\n<ul>\n<li>Marketplace extensions<\/li>\n<li>Custom tasks<\/li>\n<li>Inline scripts<\/li>\n<\/ul>\n<p>used in your pipelines depend directly or transitively on Axios and executed npm install or update operations during pipeline execution.<\/p>\n<p>Pipeline steps that resolve compromised dependencies may have access to:<\/p>\n<ul>\n<li>Secure pipeline variables<\/li>\n<li>Service connection tokens<\/li>\n<li>Deployment credentials<\/li>\n<\/ul>\n<h3>Review Service Connections<\/h3>\n<p>Azure Pipelines uses <strong>service connections<\/strong> to authenticate pipelines to external or remote services such as:<\/p>\n<ul>\n<li>Azure subscriptions<\/li>\n<li>Container registries<\/li>\n<li>Kubernetes clusters<\/li>\n<li>External build or artifact systems (see <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/devops\/pipelines\/library\/service-endpoints?view=azure-devops\">Service connections<\/a> on Microsoft Learn)<\/li>\n<\/ul>\n<p>If compromised dependencies executed within a pipeline job, identities or credentials associated with service connections used during that run may have been exposed.<\/p>\n<p>We recommend:<\/p>\n<ul>\n<li>Rotating credentials associated with affected service connections<\/li>\n<li>Reviewing actions taken by pipelines using those connections<\/li>\n<\/ul>\n<h3>Clear Pipeline Dependency Caches<\/h3>\n<p>Compromised dependencies may persist in:<\/p>\n<ul>\n<li>Pipeline workspace caches<\/li>\n<li><code>npm<\/code>\/<code>yarn<\/code>\/<code>pnpm<\/code> cache directories<\/li>\n<li>Container build layers<\/li>\n<li>Generated artifacts<\/li>\n<li>Package-manager caches<\/li>\n<\/ul>\n<p>Clear dependency caches associated with affected repositories or agents to prevent reuse of compromised packages in future builds.<\/p>\n<p>Artifacts generated from runs that installed the malicious package versions should be treated as <strong>untrusted<\/strong> and replaced with clean builds.<\/p>\n<h2>What to do now<\/h2>\n<p>Review any pipeline runs that may have installed the affected Axios versions, especially in workflows that use self-hosted agents, custom tasks, third-party extensions, or containerized build environments.<\/p>\n<p>For detailed attack analysis, indicators of compromise, and mitigation guidance, see <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/04\/01\/mitigating-the-axios-npm-supply-chain-compromise\/\">Mitigating the Axios npm Supply Chain Compromise<\/a> on the Microsoft Security Blog.<\/p>\n<h2>What to review in your pipelines<\/h2>\n<ul>\n<li>Custom pipeline scripts<\/li>\n<li>Third-party extensions installed from the Marketplace<\/li>\n<li>Self-hosted agents<\/li>\n<li>Containerized build environments<\/li>\n<\/ul>\n<h2>Best Practices to Reduce Future Supply Chain Risk in Azure Pipelines<\/h2>\n<h3>Pin Dependency Versions<\/h3>\n<p>Avoid loose semantic version ranges such as:<\/p>\n<pre><code class=\"json\">\"axios\": \"^1.13.0\"\n<\/code><\/pre>\n<p>Loose constraints may automatically resolve to newly published versions during routine installs \u2014 including compromised ones.<\/p>\n<h3>Use Lockfiles and Deterministic Installs<\/h3>\n<p>Ensure your pipelines:<\/p>\n<ul>\n<li>Commit <code>package-lock.json<\/code> \/ <code>yarn.lock<\/code> \/ <code>pnpm-lock.yaml<\/code><\/li>\n<li>Use deterministic install commands (e.g. <code>npm ci<\/code>)<\/li>\n<\/ul>\n<p>This helps prevent unexpected dependency resolution during CI\/CD runs.<\/p>\n<h3>Limit Secret Scope in Pipelines<\/h3>\n<p>Minimize exposure by:<\/p>\n<ul>\n<li>Using least-privilege service connections<\/li>\n<li>Injecting secrets only into steps that require them<\/li>\n<li>Avoiding global environment variable exposure across jobs<\/li>\n<\/ul>\n<h3>Rebuild Build Outputs After Remediation<\/h3>\n<p>Do not assume that:<\/p>\n<ul>\n<li>Container images<\/li>\n<li>Deployment bundles<\/li>\n<li>Published packages<\/li>\n<\/ul>\n<p>produced during a compromised pipeline run are safe.<\/p>\n<p>Rebuild affected outputs after remediating dependencies.<\/p>\n<h2>How to reduce future supply chain risk<\/h2>\n<ul>\n<li>Pin dependency versions<\/li>\n<li>Use lockfiles and deterministic installs<\/li>\n<li>Limit secret scope in pipelines<\/li>\n<li>Rebuild build outputs after remediation<\/li>\n<\/ul>\n<h2>Learn More<\/h2>\n<p>To understand the attack mechanics, indicators of compromise, and Microsoft\u2019s mitigation guidance, please review: <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/04\/01\/mitigating-the-axios-npm-supply-chain-compromise\/\">Mitigating the Axios npm Supply Chain Compromise<\/a> on the Microsoft Security Blog.<\/p>\n<p>Self-hosted agents that executed pipeline builds during the relevant timeframe should be reviewed for signs that they installed the malicious package versions or the injected dependency <code>plain-crypto-js@4.2.1<\/code>.<\/p>\n<p>We recommend:<\/p>\n<ul>\n<li>Reviewing pipeline and agent logs for <code>npm install<\/code> or <code>npm ci<\/code> runs that resolved <code>axios@1.14.1<\/code>, <code>axios@0.30.4<\/code>, or <code>plain-crypto-js@4.2.1<\/code><\/li>\n<li>Reviewing network activity for connections to <code>sfrclak[.]com<\/code> or <code>142.11.206.73<\/code> on port <code>8000<\/code><\/li>\n<li>Reimaging or rebuilding affected agents where practical<\/li>\n<li>Rotating credentials that were available to affected runs<\/li>\n<\/ul>\n<p>If an affected pipeline run had access to service connections or deployment credentials, those credentials should be treated as potentially exposed.<\/p>\n<p>We recommend:<\/p>\n<ul>\n<li>Rotating credentials associated with service connections used by affected runs<\/li>\n<li>Reviewing service connection usage history and actions taken by those identities during the relevant timeframe<\/li>\n<\/ul>\n<h2>How to verify whether you were affected<\/h2>\n<p>Review pipeline logs for <code>npm install<\/code> or <code>npm ci<\/code> executions that resolved:<\/p>\n<ul>\n<li><code>axios@1.14.1<\/code><\/li>\n<li><code>axios@0.30.4<\/code><\/li>\n<li><code>plain-crypto-js@4.2.1<\/code><\/li>\n<\/ul>\n<p>Also review network and endpoint telemetry for the following indicators:<\/p>\n<ul>\n<li><code>sfrclak[.]com<\/code><\/li>\n<li><code>142.11.206.73<\/code><\/li>\n<li><code>hxxp:\/\/sfrclak[.]com:8000\/6202033<\/code><\/li>\n<\/ul>\n<p>The post <a href=\"https:\/\/devblogs.microsoft.com\/devops\/axios-npm-supply-chain-compromise-guidance-for-azure-pipelines-customers\/\">Axios npm Supply Chain Compromise \u2013 Guidance for Azure Pipelines Customers<\/a> appeared first on <a href=\"https:\/\/devblogs.microsoft.com\/devops\">Azure DevOps Blog<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>On March 31, 2026, malicious versions of the widely used JavaScript HTTP client library Axios were briefly published to the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":94,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3914","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/3914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=3914"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/3914\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media\/94"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=3914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=3914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=3914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}