Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

package security

The attackers hijacked a legitimate, trusted npm namespace and published backdoored versions of widely-used frontend components, API clients, and developer tooling. A significant supply chain attack on June 1, 2026, targeting over 30 official packages under the @redhat-cloud-services npm scope. Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Aikido Security advises developers to disable npm postinstall scripts during continuous integration, if possible. Wiz researchers recommend security teams to first identify the compromised packages and replace them with legitimate ones. Developers are advised to https://medicalcases.eu/behind-providence-st-josephs-daring-push-into-digital-consumer-engagement/ check Aikido’s post for the complete list of the infected packages, downgrade to safe versions, and rotate their secrets and CI/CD tokens immediately.

This makes reinfected packages appear fully legitimate even to tools specifically designed to verify supply chain integrity. When the Shai-Hulud malware first appeared in the npm space in mid-September, and it compromised 187 packages with a self-propagating payload that used the TruffleHog tool to steal developer secrets. Learn how to secure AI agents with practical controls for access, visibility, secrets, and risk containment. Find out the cost of smart home automation in 2026, including devices, installation, and which options make sense for your home.

Attackers targeted packages with existing users and a history of legitimate use. Share code, explore data, write, and learn across your apps in ways you couldn’t before. Catalog of official Microsoft MCP (Model Context Protocol) server implementations for AI-powered data access and tool integration This incident echoes a growing trend of supply chain attacks targeting package repositories across ecosystems. These packages acted as the primary malware delivery mechanism, executing during the standard package build process without triggering obvious warnings to end users. The threat actors systematically targeted orphaned AUR packages legitimate projects that have been abandoned by their original maintainers and claimed ownership of them through AUR’s standard adoption process.

  • The malicious commits reused original author metadata and timestamps, creating a deceptive appearance in Git history.
  • Similar to the modus operandi observed in the Axios supply chain attack, the hackers modified the packages’ PKGBUILD to introduce malicious behavior masquerading as the NPM package atomic-lockfile.
  • Our timetable data is sourced directly from National Rail, so our Journey Planner only shows up-to-date, trustworthy information.
  • If a meeting overruns or it finishes early (miracles do happen), we’ll help you stay flexible on the move.

Licensing and community direction

The Shai-Hulud worm emerged just days after unknown attackers launched a broad phishing campaign that spoofed NPM and asked developers to “update” their multi-factor authentication login options. “If it finds it, it will modify the 20 most popular packages that the npm token has access to, copying itself into the package, and publishing a new version.” Our findings identified that on May 29, 2026, a GitHub account, compromised via a VS code extension containing malware, was used to inject malicious code into packages maintained in a Red Hat GitHub organization and altered configuration files to infect other developers opening those directories. GitHub’s new public monitoring finds your enterprise’s leaked secrets anywhere on github.com. The best defense is visibility into what your build environment and developer machines are actually doing, and the ability to detect the unexpected before secrets leave the device.

package security

Get notified when this content is updated

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. As part of the attacks, the threat actor compromises maintainer accounts to tamper with legitimate repositories and push infected packages. North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a broad supply chain campaign, Socket reports.

Monitor build hosts and runners for unexpected package manager calls, network egress during build steps, and creation of suspicious systemd units or eBPF objects. For any host where the malicious payload may have run as root, treat it as compromised. Rebuild highly trusted systems.

How StepSecurity Can Help

The good news is as home automation has become more mainstream not only has the industry grown in its offerings, but it has also become more affordable. Generally speaking, the cost of home automation depends on the provider, the type of system, and the number of devices you want to automate. Cost is an important factor for anyone considering home automation. Be sure to do your research to ensure the needs of your home are met and read here for more information on getting started with home automation.

Getting started is simple

Within an hour, more than 50 additional packages belonging to the maintainer jagreehal were also poisoned, including ai-sdk-ollama, which counts more than 120,000 monthly downloads. By submitting this form, I understand my personal data will be processed in accordance with Palo Alto Networks Privacy Statement and Terms of Use. From CI/CD misconfiguration detection to runtime behavioral threat detection and anomaly detection, every phase of the Trivy https://survincity.com/2022/02/igor-panarin-on-the-development-of-the-information-2/ attack maps to a Cortex Cloud capability that detects or blocks it. Cortex Cloud’s integrated platform delivers layered defense across the full spectrum of supply chain attacks. It reminds us that security tools are high-value targets, mutable references like version tags create systemic vulnerabilities, and static analysis alone cannot detect attacks operating at application and network layers.

Potential Misuse and Security Risks

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer’s account in a phishing attack. Enjoy perks like more spacious seating, complimentary refreshments and lounge access with First Class train tickets. There are a number of trains companies in the UK that operate trains to Liverpool, including TransPennine Express, East Midlands Railway and Avanti West Coast. The Ropewalks district is the place for late-night bars and clubs, including the legendary Cream club night at Nation.

What is Trainline Business?

package security

Compromised dev creds led to a legitimate GitHub OIDC token being requested. “The genius of this Miasma worm lies in how it adhered to legitimate workflows,” Cloudsmith said. As was the case in the May compromise of Microsoft’s durabletask, the one last week made use of the functionality to steal a legitimate Microsoft OIDC token. The compromise packages executed a 28 KB payload that steals credentials from AWS, Azure, GCP, Kubernetes, password managers, and over 90 developer tool configurations. In all, multiple researchers said, 73 packages were flagged as malicious when automated systems on GitHub blocked them on the platform. Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI coding agents.

Travis Gettys is a senior editor for Raw Story based in northern Kentucky. Monthly newsletter focusing on open source cybersecurity tools This executes a 4.2 MB obfuscated payload automatically during every npm install, before any application code runs. According to Aikido and JFrog detections, the malicious packages were published via GitHub Actions OIDC tokens, indicating the CI/CD pipeline itself was compromised, not individual developer accounts.

And that’s why Vivint customers can’t live without their smart home systems. Take our How Secure Is Your Home quiz to learn more on why you need a smart home security system. Most DIY systems make you handle emergencies on your own. By accessing this blog, you agree to these terms and acknowledge your sole responsibility to verify and use the information as appropriate for your needs. Zscaler assumes no responsibility for any errors or omissions or for any actions taken based on the information provided. Attackers are using fake “leaked Claude” GitHub repositories to distribute a dual payload of Vidar Infostealer (for credential theft) and GhostSocks Malware (for network proxying).

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *