Home / Security updates / Datadog's Response to axios npm Package Compromise
Datadog's Response to axios npm Package Compromise
Security updates detail rendered from /security-updates/upd_7bb3263d7e79b577.
Overview
| ID | upd_7bb3263d7e79b577 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Datadog |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_7bb3263d7e79b577 |
| providerId | safebase |
| organizationId | org_69291cebe8d5d66e |
| trustCenterId | tc_3aed993e7dda3cf3 |
| title | Datadog's Response to axios npm Package Compromise |
| message | We are aware of the recently disclosed malicious axios npm packages (including versions 1.14.1 and 0.30.4), and have completed a security investigation of the potential impact to Datadog. Our exposure was limited to a small number of isolated development environments and CI/CD test runners. We have contained the affected systems, and out of caution, we rotated all potentially exposed keys and secrets. We have identified no impact to customer environments or customer data. **How do I know if I was affected?** If you used any of the following Datadog open-source packages during the compromise window (2026-03-30 23:59 UTC – 2026-03-31 03:25 UTC), you may have inadvertently installed a malicious version of axios. **Installed via npm during the compromise window** [datadog-ci](https://github.com/DataDog/datadog-ci) [datadog-ci-base](https://github.com/DataDog/datadog-ci/tree/master/packages/base) [datadog-ci-plugin-coverage](https://github.com/DataDog/datadog-ci/tree/master/packages/plug |
| url | - |
| publishedAt | 2026-04-03 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_69291cebe8d5d66e",
"name": "Datadog",
"domains": [
"trust.datadoghq.com",
"datadoghq.com"
]
} |
| trust_center | {
"id": "tc_3aed993e7dda3cf3",
"name": "Datadog",
"url": "https://trust.datadoghq.com",
"host": "trust.datadoghq.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_7bb3263d7e79b577",
"company": "/v1/companies/org_69291cebe8d5d66e",
"trust_center": "/v1/trust-centers/tc_3aed993e7dda3cf3",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_7bb3263d7e79b577JSON