Home / Security updates / Drata Not Impacted by Axios npm Supply Chain Attack
Drata Not Impacted by Axios npm Supply Chain Attack
Security updates detail rendered from /security-updates/upd_6b7820a2c4b7ca35.
Overview
| ID | upd_6b7820a2c4b7ca35 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Drata |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_6b7820a2c4b7ca35 |
| providerId | safebase |
| organizationId | org_9708d68ec58f1549 |
| trustCenterId | tc_e9eb1dc435842fd1 |
| title | Drata Not Impacted by Axios npm Supply Chain Attack |
| message | On March 30, 2026, Drata became aware of the Axios npm supply chain attack security incident. [Threat intelligence sources](https://unit42.paloaltonetworks.com/axios-supply-chain-attack/) have reported that this incident introduced a malicious dependency into specific npm releases of the widely used HTTP client Axios, specifically [email protected] and [email protected]. -Recommended: [Supply Chain Attack on Axios Pulls Malicious Dependency from npm](https://socket.dev/blog/axios-npm-package-compromised), Socket Research Team -Recommended: [Hidden Blast Radius of the Axios Compromise](https://socket.dev/blog/hidden-blast-radius-of-the-axios-compromise), Socket Research Team --- >__We want our customers to know that Drata is *not* impacted by this threat.__ --- We do not leverage the affected versions of this software ([email protected] or [email protected]) within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed. |
| url | - |
| publishedAt | 2026-04-06 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_9708d68ec58f1549",
"name": "Drata",
"domains": [
"trust.drata.com",
"drata.com"
]
} |
| trust_center | {
"id": "tc_e9eb1dc435842fd1",
"name": "Drata",
"url": "https://trust.drata.com",
"host": "trust.drata.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_6b7820a2c4b7ca35",
"company": "/v1/companies/org_9708d68ec58f1549",
"trust_center": "/v1/trust-centers/tc_e9eb1dc435842fd1",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_6b7820a2c4b7ca35JSON