The axios Attack Was a Wake-Up Call. Your AI Agent Just Ran npm install Without Asking You.

The axios 1.14.1 supply chain attack hit packages with 100M+ weekly downloads. But here's what nobody's talking about — AI coding agents run npm install autonomously. No human reviews the packages. No human checks the lockfile. Your agent just trusts npm. This isn't a hypothetical. It happened this week. What Happened On March 31, 2026, an attacker hijacked a lead maintainer's npm account for axios — one of the most widely used JavaScript packages in existence. They: Swapped the maintainer's email to an anonymous ProtonMail Bypassed GitHub Actions entirely Manually pushed [email protected] via the npm CLI The malicious version injected [email protected] — a package that didn't exist before that day. It's a full RAT dropper. One npm install and it: Runs a postinstall script silently Detects your OS (macOS, Windows, Linux) Downloads a platform-specific payload Executes it Deletes itself after execution Replaces its own package.json with a clean decoy You check your node_modules after — ev