Supply Chain Attacks Targeting the Open-Source Ecosystem

Mr. Park, a software developer, recently found himself grappling with a fundamental question while searching for an open-source package for his project: 'Is this package safe?' The open-source ecosystem, trusted and utilized by developers worldwide due to its transparency and accessibility, has recently seen that trust threatened. The Axios NPM attack on March 31, 2026, and the LiteLLM PyPI supply chain attack are not merely technical issues; they have sent deep shockwaves throughout the entire open-source ecosystem, escalating into a crisis of trust.

Cyberattacks targeting the open-source ecosystem are no longer considered an issue for only a few developers. According to the 'Cyber Security Incident Report: Supply Chain Attacks, Fraud, and Ransomware April 2026' published by KCNet on April 11, 2026, supply chain attacks targeting open-source packages have recently surged. The Axios NPM and LiteLLM PyPI incidents, in particular, are recorded as prime examples of such attacks. The risk of malicious code spreading through libraries and package management systems that are widely used by developers and companies is increasing.

On March 31, 2026, an attack targeting the Axios NPM package occurred. North Korean threat actors, identified as being behind the incident, published two malicious versions of the Axios npm package. These versions contained a fake dependency named 'plain-crypto-js,' designed to download a Remote Access Trojan (RAT) payload. Axios is a core HTTP client library used in countless JavaScript projects worldwide. Had this attack succeeded, all applications using the affected package could have become potential targets. Fortunately, thanks to Microsoft's swift response, the attack was detected within just three hours, preventing further spread.
However, even within this short period, malicious versions were published on the npm repository, and the possibility that some developers downloaded them cannot be ruled out. This incident confirmed that major companies and projects in various countries are not immune to such attacks. While a three-hour detection time is considered relatively fast in the security industry, in the global open-source ecosystem, three hours is ample time for malicious code to spread to thousands of projects.

The LiteLLM PyPI incident exploited vulnerabilities in PyPI (Python Package Index), a Python package repository. Malicious code was distributed through a widely used open-source package management system, raising alarm throughout the Python ecosystem. Python is one of the most popular programming languages in various fields, including data science, artificial intelligence, and web development. Therefore, a supply chain attack via PyPI inevitably has a significant impact. These incidents serve as a strong warning about the global repercussions that extend beyond mere technical flaws.

The reason developers use open-source libraries is simple: they save time by leveraging existing code, and if a library is quality-proven, it's also considered reliable from a security perspective. Indeed, open-source components are estimated to constitute 70-90% of the entire codebase in modern software development. However, as seen in the cases above, this very trust can become a source of fatal damage.

Lessons from the Axios NPM and LiteLLM PyPI Incidents

The very openness of open-source projects makes them attractive targets for attackers. Anyone can publish packages; the code is public, which makes vulnerabilities easier to find; and a successful infiltration can affect numerous downstream projects. With a single vulnerability discovery now capable of cascading effects across hundreds or thousands of projects, this is no longer just a technical issue but an escalating business risk for companies.
Successful supply chain attacks can lead to multifaceted damages, including data breaches, system failures, loss of customer trust, and fines for regulatory violations.

Experts propose several strategies as solutions. First, companies and developers must periodically verify all external libraries and packages they use. One should not blindly trust that a specific package is safe just because it's the latest version. Instead, newly updated versions should be carefully reviewed, keeping in mind the possibility of malicious code injection. Utilizing Software Composition Analysis (SCA) tools to continuously monitor dependency trees and automatically detect packages with known vulnerabilities is recommended.

Second, it is necessary to adopt additional security mechanisms, such as multi-factor authentication (MFA) and code signing, to strengthen supply chain security. Package repositories like npm and PyPI are increasingly enhancing identity verification for package publishers, and developers should also protect their accounts with two-factor authentication. Furthermore, it is crucial to develop the habit of verifying integrity by checking digital signatures when
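
The dependency-tree check recommended above, applied to the Axios case, as an added example that is not from the article or from any tool it names: the script walks a parsed npm lockfile, reports where 'plain-crypto-js' is installed or declared, and lists registry packages recorded without an integrity hash. The function names, finding labels and the sample lockfile (versions, URLs, hashes) are constructed for illustration.

```javascript
// Added example: audit a parsed package-lock.json (lockfileVersion 2 or 3,
// flat "packages" map). 'plain-crypto-js' is the name given in the article.
const FLAGGED = new Set(['plain-crypto-js']);

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromPath(lockPath) {
  const marker = 'node_modules/';
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? lockPath : lockPath.slice(i + marker.length);
}

function auditLockfile(lock, flagged = FLAGGED) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // the root project itself
    const version = entry.version;
    if (flagged.has(nameFromPath(path))) findings.push({ kind: 'flagged-installed', path, version });
    // Which installed package pulls a flagged name in.
    for (const group of ['dependencies', 'optionalDependencies']) {
      for (const dep of Object.keys(entry[group] || {})) {
        if (flagged.has(dep)) findings.push({ kind: 'flagged-declared', path, version, dep });
      }
    }
    // A registry tarball with no SRI hash is not pinned by this lockfile.
    if (/^https?:/.test(entry.resolved || '') && !entry.integrity) {
      findings.push({ kind: 'no-integrity', path, version });
    }
  }
  return findings;
}

// Constructed sample lockfile: versions, URLs and hashes are placeholders.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0', dependencies: { axios: '*' } },
    'node_modules/axios': {
      version: '0.0.0-constructed',
      resolved: 'https://registry.example/axios.tgz',
      integrity: 'sha512-CONSTRUCTED',
      dependencies: { 'plain-crypto-js': '*' },
    },
    'node_modules/plain-crypto-js': {
      version: '0.0.0-constructed',
      resolved: 'https://registry.example/plain-crypto-js.tgz',
    },
  },
};
console.log(auditLockfile(SAMPLE_LOCK));
```

To check a real project, pass the parsed contents of its package-lock.json to auditLockfile; an empty array means none of the three conditions matched.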