Supply Chain Attacks Surge in March 2026

Security researchers identified a surge in software supply chain attacks during March 2026, specifically targeting popular NPM and PyPI packages like Axios and LiteLLM to distribute malicious payloads.

Key Points

  • The Axios NPM package was compromised via account takeover, injecting a cross-platform Remote Access Trojan (RAT) into versions 1.14.1 and 0.30.4.
  • The threat group TeamPCP targeted the LiteLLM library on PyPI, embedding malicious code in versions 1.82.7 and 1.82.8 to harvest sensitive cloud and infrastructure credentials.
  • TeamPCP has been linked to multiple recent supply chain incidents, including attacks on the Trivy vulnerability scanner, KICS static analysis tool, and the Telnyx communication library.
  • Malicious Axios releases utilized a hidden dependency to execute postinstall scripts, while compromised LiteLLM versions used obfuscated payloads to facilitate lateral movement.
  • Security teams are advised to rotate all potentially exposed API keys, SSH tokens, and cloud credentials, and to enforce strict dependency auditing and MFA for maintainer accounts.
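As an added defender-side example (not code from the ThreatLabz report), the check below scans an npm lockfile and a `pip freeze` listing for the compromised versions named above and flags any npm dependency that carries an install script, using the `hasInstallScript` marker npm writes into lockfile v2/v3. The `helper-x` package name and both sample inputs are constructed for the demonstration.

```python
import json
import re

# Versions named in the summary above; taken from the page, not independently verified.
COMPROMISED = {
    "npm": {"axios": {"1.14.1", "0.30.4"}},
    "pypi": {"litellm": {"1.82.7", "1.82.8"}},
}

def scan_npm_lock(lock_text):
    """Flag lockfile (v2/v3 'packages' map) entries pinned to a compromised version,
    plus any dependency with an install script, the mechanism the Axios compromise used."""
    lock = json.loads(lock_text)
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # the "" key is the root project itself
            continue
        name = path.rsplit("node_modules/", 1)[-1]  # handles nested node_modules paths
        version = meta.get("version", "")
        if version in COMPROMISED["npm"].get(name, set()):
            findings.append(("npm", name, version, "compromised version"))
        if meta.get("hasInstallScript"):
            findings.append(("npm", name, version, "has install script"))
    return findings

def scan_pip_freeze(freeze_text):
    """Flag 'name==version' lines (pip freeze / requirements.txt) pinned to a compromised version."""
    findings = []
    for line in freeze_text.splitlines():
        m = re.match(r"^\s*([A-Za-z0-9_.\-]+)==([^\s;#]+)", line)
        if not m:
            continue
        name, version = m.group(1).lower().replace("_", "-"), m.group(2)
        if version in COMPROMISED["pypi"].get(name, set()):
            findings.append(("pypi", name, version, "compromised version"))
    return findings

# Constructed sample inputs so the check runs stand-alone ('helper-x' is a made-up package).
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "app", "version": "1.0.0"},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/axios/node_modules/helper-x": {"version": "0.0.1", "hasInstallScript": True},
        "node_modules/lodash": {"version": "4.17.21"},
    },
})
SAMPLE_FREEZE = "litellm==1.82.7\nrequests==2.32.3\n"
```

Run `scan_npm_lock` over the contents of your real `package-lock.json` and `scan_pip_freeze` over `pip freeze` output; an install-script hit on an unfamiliar transitive dependency deserves a manual look even when the version itself is not on the list.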

Why it Matters

These incidents demonstrate the inherent fragility of the global software supply chain, where attackers exploit trusted developer accounts to inject malware into widely used open-source libraries. By compromising CI/CD pipelines and developer workstations, these attacks can lead to widespread data exfiltration and long-term persistence within enterprise production environments.
Source: ThreatLabz (Zscaler), Zscaler.com