AsyncAPI npm packages infected with credential-stealing malware
Five malicious versions of AsyncAPI npm packages were published in a supply-chain attack that delivered a remote access trojan with credential and information-stealing capabilities. The attacker exploited a misconfigured GitHub Actions workflow to inject malware into legitimate release workflows, resulting in trojanized packages with valid provenance attestations. The malware includes a multi-stage payload that establishes persistence and communicates with command-and-control servers over multiple channels. Although some automated data harvesting functions reportedly do not work, manual exploitation remains possible. The malicious packages have been removed from npm, but existing installations and lock files may still contain the infected versions. The exposure window lasted approximately four hours on July 14, 2026. Recommended mitigation includes pinning to known-good versions, regenerating lock files, removing malicious payloads, terminating malicious processes, and rotating credentials.
AI Analysis
Technical Summary
This threat involves a supply-chain attack on the AsyncAPI npm packages where an attacker compromised two AsyncAPI GitHub repositories by exploiting a misconfigured GitHub Actions CI/CD pipeline. The attacker pushed commits under a placeholder identity, allowing the legitimate release workflows to publish trojanized packages with valid SLSA provenance attestations. The infected packages include @asyncapi/generator 3.3.1, @asyncapi/generator-helpers 1.1.1, @asyncapi/generator-components 0.7.1, and @asyncapi/specs 6.11.2-alpha.1 and 6.11.2. The malware is a multi-stage remote access trojan that downloads a large modular malware framework from IPFS, establishes persistence, and communicates with C2 servers via HTTP, Nostr relays, Ethereum smart contracts, and libp2p mesh networks. Its primary purpose is stealing credentials, authentication keys, tokens, browser data, CI/CD secrets, cryptocurrency wallets, and databases. Some automated data harvesting functions are non-functional, but manual exploitation is possible. The malware avoids infecting systems in Russia. The malicious packages have been removed from npm, but residual risk remains from existing installations and lock files created during the exposure window of about four hours on July 14, 2026.
Potential Impact
The attack compromises the integrity of AsyncAPI npm packages by injecting a remote access trojan capable of stealing sensitive information such as credentials, authentication tokens, browser data, CI/CD secrets, cryptocurrency wallets, and databases. The malware establishes persistence and communicates with multiple command-and-control channels, enabling ongoing unauthorized access and data exfiltration. Although some automated data collection features are reportedly non-functional, attackers can manually leverage the shell to harvest data. The presence of malicious versions in existing installations and lock files poses a continued risk until remediated.
Mitigation Recommendations
All five malicious package versions have been removed from npm. Developers should pin dependencies to known-good versions and regenerate lock files to avoid installing the trojanized packages. It is critical to remove the hidden malicious payload file 'NodeJS/sync.js' from affected systems, terminate any running malicious processes, and rotate all credentials and secrets that may have been exposed. These steps address the residual risk from the exposure window between 07:10 and 11:18 UTC on July 14, 2026. No official patch is applicable since this is a supply-chain compromise; remediation depends on cleaning affected environments and updating dependencies.
AsyncAPI npm packages infected with credential-stealing malware
Description
Five malicious versions of AsyncAPI npm packages were published in a supply-chain attack that delivered a remote access trojan with credential and information-stealing capabilities. The attacker exploited a misconfigured GitHub Actions workflow to inject malware into legitimate release workflows, resulting in trojanized packages with valid provenance attestations. The malware includes a multi-stage payload that establishes persistence and communicates with command-and-control servers over multiple channels. Although some automated data harvesting functions reportedly do not work, manual exploitation remains possible. The malicious packages have been removed from npm, but existing installations and lock files may still contain the infected versions. The exposure window lasted approximately four hours on July 14, 2026. Recommended mitigation includes pinning to known-good versions, regenerating lock files, removing malicious payloads, terminating malicious processes, and rotating credentials.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This threat involves a supply-chain attack on the AsyncAPI npm packages where an attacker compromised two AsyncAPI GitHub repositories by exploiting a misconfigured GitHub Actions CI/CD pipeline. The attacker pushed commits under a placeholder identity, allowing the legitimate release workflows to publish trojanized packages with valid SLSA provenance attestations. The infected packages include @asyncapi/generator 3.3.1, @asyncapi/generator-helpers 1.1.1, @asyncapi/generator-components 0.7.1, and @asyncapi/specs 6.11.2-alpha.1 and 6.11.2. The malware is a multi-stage remote access trojan that downloads a large modular malware framework from IPFS, establishes persistence, and communicates with C2 servers via HTTP, Nostr relays, Ethereum smart contracts, and libp2p mesh networks. Its primary purpose is stealing credentials, authentication keys, tokens, browser data, CI/CD secrets, cryptocurrency wallets, and databases. Some automated data harvesting functions are non-functional, but manual exploitation is possible. The malware avoids infecting systems in Russia. The malicious packages have been removed from npm, but residual risk remains from existing installations and lock files created during the exposure window of about four hours on July 14, 2026.
Potential Impact
The attack compromises the integrity of AsyncAPI npm packages by injecting a remote access trojan capable of stealing sensitive information such as credentials, authentication tokens, browser data, CI/CD secrets, cryptocurrency wallets, and databases. The malware establishes persistence and communicates with multiple command-and-control channels, enabling ongoing unauthorized access and data exfiltration. Although some automated data collection features are reportedly non-functional, attackers can manually leverage the shell to harvest data. The presence of malicious versions in existing installations and lock files poses a continued risk until remediated.
Mitigation Recommendations
All five malicious package versions have been removed from npm. Developers should pin dependencies to known-good versions and regenerate lock files to avoid installing the trojanized packages. It is critical to remove the hidden malicious payload file 'NodeJS/sync.js' from affected systems, terminate any running malicious processes, and rotate all credentials and secrets that may have been exposed. These steps address the residual risk from the exposure window between 07:10 and 11:18 UTC on July 14, 2026. No official patch is applicable since this is a supply-chain compromise; remediation depends on cleaning affected environments and updating dependencies.
Technical Details
- Article Source
- {"url":"https://www.bleepingcomputer.com/news/security/-asyncapi-npm-packages-infected-with-credential-stealing-malware/","fetched":true,"fetchedAt":"2026-07-15T15:47:38.997Z","wordCount":861}
Threat ID: 6a57ab9b68715ace43fd775a
Added to database: 07/15/2026, 15:47:39 UTC
Last enriched: 07/15/2026, 15:48:15 UTC
Last updated: 07/15/2026, 16:55:12 UTC
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.