Open Source Security Funding Initiative

Open sourcing AI-powered supply chain monitoring that caught the Axios npm compromise

March 31, 2026 | Elastic Security Labs, Zulfikar Ramzan (He / Him)

Elastic Security Labs says it built an AI-powered supply chain monitoring tool that detected the Axios npm compromise early and is being open sourced. ThreatPointAI also says it open sourced a dependency scanner for similar attacks.

One of our researchers built an AI-powered supply chain monitoring tool on a Friday afternoon.
The following Monday night it caught the Axios npm compromise before most people knew it existed.
Elastic Security Labs is open sourcing the tool.
We built and open-sourced a tool that scans dependencies for these kinds of attacks.
