Axios Got Hacked and Most Vibe Coders Won't Even Notice
Three hundred million weekly downloads. That's how big Axios is. Today, an attacker hijacked the maintainer's npm account and published two poisoned versions. Anyone who ran npm install during a three-hour window got a Remote Access Trojan on their machine.
The malicious code never touched GitHub. It went straight to npm. No pull request. No code review. No CI pipeline. Just a compromised account and two package versions that looked perfectly legitimate.
This is the kind of thing that separates building software from assembling it.
What actually happened
Around midnight UTC on March 31, someone gained access to the npm credentials of Axios's lead maintainer. They published axios@1.14.1 and axios@0.30.4 with a new hidden dependency called plain-crypto-js. That dependency ran a postinstall script that downloaded a platform-specific payload. Windows, macOS, Linux. All covered. The payload was a RAT that phoned home to the attacker's server every sixty seconds.
Then it cleaned up after itself. Deleted the payload. Restored the original package.json. Designed to leave no trace.
The malicious versions stayed live for roughly three hours before npm pulled them down. Security researchers estimate the RAT executed successfully in 3% of affected environments. On a package with 300 million weekly downloads, 3% is a staggering number.
Why vibe coders are the most exposed
Here's the part that keeps me up at night. Software has never been easier to build. You can describe an app in plain English and watch an AI write it for you. Thousands of people are shipping products this way right now. They call it vibe coding. And most of them have never opened their package-lock.json.
When you build software with AI, the AI picks your dependencies. It decides which packages to install. It writes the import statements. You trust it because the app works. And it does work. Right up until one of those dependencies gets compromised.
A seasoned developer would notice a new transitive dependency appearing in their lockfile. They'd question why plain-crypto-js showed up when they didn't add it. They'd have tooling in place. Lockfile audits. Dependency scanners. Pinned versions. Not because they're paranoid. Because they've seen this movie before.
A vibe coder wouldn't. Not because they're careless. Because they don't know these risks exist.
Building software got easier. Securing it didn't.
This is the gap that keeps growing. AI lowered the barrier to writing code. It didn't lower the barrier to understanding what that code actually does. Supply chain attacks, dependency confusion, postinstall scripts, lockfile injection. These aren't theoretical threats. They happen on real packages that real projects depend on.
Think of it like fishing. Anyone can catch a fish. But selling fish to restaurants requires knowing how to handle it. Storage temperatures. Freshness standards. Health codes. The catching part was never what made it hard. The whole chain around it is what separates an amateur with a rod from someone who can actually run the operation.
Software works the same way. Writing the code is the fishing. Everything else (security, infrastructure, deployment, monitoring) is the supply chain that keeps it safe and running. AI made the fishing part trivially easy. Everything else still requires someone who knows what they're doing.
What to do about it
If you're building with AI tools and shipping to production, you need guardrails that go beyond "it works on my machine."
Lock your dependencies. Use exact versions. Commit your lockfile. Don't let any tool, human or AI, introduce packages you haven't reviewed.
Run npm audit before every deploy. It takes seconds. It catches known vulnerabilities, which means it only helps once an advisory exists for a package, so it complements lockfile discipline rather than replacing it. Most vibe-coded projects never run it once.
Treat postinstall scripts as a red flag. The Axios attacker used a postinstall hook to execute the payload. You can disable them with npm's --ignore-scripts flag (or ignore-scripts=true in .npmrc) and selectively allow only the ones you trust.
Work with someone who knows the terrain. You don't need a full engineering team to build an MVP. But you do need someone who understands dependency management, secrets handling, and deployment security. The cost of that expertise is a fraction of the cost of a breach.
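As an added illustration of the lockfile review described above (not code from the original post): a small Node.js checker that diffs two parsed package-lock.json objects, lists packages that appeared or changed version, and flags newcomers that carry install hooks. The sample lockfiles are constructed, and hasInstallScript is the field npm's lockfile v2/v3 sets on packages that declare preinstall/install/postinstall scripts.

```javascript
// Added example: review a package-lock.json change before trusting a fresh install.
// Works on parsed lockfileVersion 2/3 objects (the "packages" map keyed by path).

// "node_modules/a/node_modules/b" -> "b": take the innermost package name.
function packageName(lockKey) {
  const parts = lockKey.split("node_modules/");
  return parts[parts.length - 1];
}

// Packages present in the new lockfile that the old one never had.
function findNewPackages(oldLock, newLock) {
  const oldKeys = new Set(Object.keys(oldLock.packages || {}));
  return Object.keys(newLock.packages || {})
    .filter((k) => k !== "" && !oldKeys.has(k))
    .map((k) => `${packageName(k)}@${newLock.packages[k].version}`);
}

// Packages whose version moved between the two lockfiles.
function findVersionChanges(oldLock, newLock) {
  const oldP = oldLock.packages || {};
  return Object.entries(newLock.packages || {})
    .filter(([k, m]) => k !== "" && oldP[k] && oldP[k].version !== m.version)
    .map(([k, m]) => `${packageName(k)} ${oldP[k].version} -> ${m.version}`);
}

// Packages the lockfile marks as running install scripts.
function findInstallScripts(lock) {
  return Object.entries(lock.packages || {})
    .filter(([k, meta]) => k !== "" && meta.hasInstallScript === true)
    .map(([k, meta]) => `${packageName(k)}@${meta.version}`);
}

// Review report: what is new, what changed, and which newcomers run scripts.
function reviewLockfileChange(oldLock, newLock) {
  const added = findNewPackages(oldLock, newLock);
  const scripted = new Set(findInstallScripts(newLock));
  return {
    added,
    changed: findVersionChanges(oldLock, newLock),
    suspicious: added.filter((p) => scripted.has(p)),
  };
}

// Constructed sample lockfiles; the pre-attack axios version and the
// plain-crypto-js version are placeholders, not values from the incident.
const before = { lockfileVersion: 3, packages: {
  "": { name: "my-app", version: "1.0.0" },
  "node_modules/axios": { version: "1.14.0" } } };
const after = { lockfileVersion: 3, packages: {
  "": { name: "my-app", version: "1.0.0" },
  "node_modules/axios": { version: "1.14.1" },
  "node_modules/plain-crypto-js": { version: "0.0.0-sample", hasInstallScript: true } } };

console.log(reviewLockfileChange(before, after));
```

In a real pipeline, `before` and `after` come from `JSON.parse` of the committed lockfile and the freshly generated one, and a non-empty `suspicious` list fails the build until a human has reviewed it.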
The tools that make software accessible are genuinely incredible. They're enabling people to build things that would have been impossible five years ago. But accessibility without awareness creates a new category of risk. And today, Axios showed exactly what that risk looks like at scale.