Home / Security updates / Cribl Security Advisory – Axios Supply Chain Attack (March 2026)

Cribl Security Advisory – Axios Supply Chain Attack (March 2026)

Security updates detail rendered from /security-updates/upd_e60661e4f35c2bf0.

Overview

ID	upd_e60661e4f35c2bf0
Collection	Security Updates
Provider	TrustShare (TrustCloud / Kintent)
Company	Cribl
URL	-
Counts	-
Updated	-

Field	Value
id	upd_e60661e4f35c2bf0
providerId	trustshare
organizationId	org_db5a178977544c0d
trustCenterId	tc_3321b21a903010d8
title	Cribl Security Advisory – Axios Supply Chain Attack (March 2026)
type	security_advisory
message	Cribl has reviewed recent reports of a supply chain attack impacting the Axios npm package. The incident involved malicious versions of Axios (1.14.1 and 0.30.4) published using compromised maintainer credentials, which introduced a hidden dependency that deployed a cross-platform remote access trojan (RAT) during installation. At no time did Cribl products or build systems utilize the affected Axios versions. Based on this review, no impact to customer data has been identified. We will continue to monitor relevant threat intelligence and advisories and will update this assessment if necessary. For any questions, contact [email protected].
publishedAt	2026-03-31
gated	no
source	{ "field": "trustshare/notifications[]" }
company	{ "id": "org_db5a178977544c0d", "name": "Cribl", "domains": [ "trust.cribl.io", "cribl.io" ] }
trust_center	{ "id": "tc_3321b21a903010d8", "name": "Cribl", "url": "https://trust.cribl.io", "host": "trust.cribl.io" }
provider	{ "id": "trustshare", "name": "TrustShare (TrustCloud / Kintent)" }
links	{ "self": "/v1/security-updates/upd_e60661e4f35c2bf0", "company": "/v1/companies/org_db5a178977544c0d", "trust_center": "/v1/trust-centers/tc_3321b21a903010d8", "provider": "/v1/providers/trustshare" }

Get this page with API

Rendered from the bluedoor Trust Centers API. Reproduce it:

GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_e60661e4f35c2bf0JSON