UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
By Ravie Lakshmanan | Apr 03, 2026
A sophisticated social engineering campaign conducted by the threat actor UNC1069 has resulted in a significant supply chain attack targeting the npm ecosystem through compromise of an Axios maintainer.
The attack represents a critical security incident that highlights the ongoing vulnerabilities in open-source software supply chains, where malicious actors target key maintainers of popular packages to gain widespread access to downstream systems.
The specific tactics used in the social engineering campaign and the scope of the compromise remain under investigation.
This incident underscores the importance of robust security measures for open-source project maintainers and the need for enhanced verification processes within package management ecosystems.