
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

Medium
Malware
Published: Thu Oct 30 2025 (10/30/2025, 10:16:00 UTC)
Source: The Hacker News

Description

Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers' machines. The campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first

AI-Powered Analysis

Last updated: 11/01/2025, 01:13:39 UTC

Technical Analysis

PhantomRaven is a malware campaign targeting the npm package ecosystem, identified by Koi Security in late 2025. It involves 126 malicious npm packages that collectively have over 86,000 installs. The attack leverages Remote Dynamic Dependencies (RDD): the malicious code is not embedded in the published package but is declared as a dependency whose specifier is an attacker-controlled URL (packages.storeartifact[.]com), so npm fetches it from that server during installation. This evades static analysis and dependency scanning because npmjs.com does not follow such external URLs, and registry-side scanners therefore see the packages as having zero dependencies. The fetched payload is executed automatically through npm lifecycle scripts (preinstall hooks) during installation, with no user interaction. Once running, the malware scans the developer's environment for GitHub tokens, CI/CD secrets, email addresses, system fingerprints, and public IP addresses, and exfiltrates that data to the attacker's server. The attackers also use slopsquatting: registering package names that do not exist but that AI coding assistants plausibly hallucinate, so that developers who follow such a suggestion install the attacker's package instead. The campaign combines evasion of registry scanning with exploitation of trust in open-source ecosystems, posing a significant threat to software supply chains and developer environments.

Potential Impact

For European organizations, PhantomRaven poses a significant risk to the integrity and confidentiality of software development processes. Stolen GitHub tokens and CI/CD secrets can lead to unauthorized access to source code repositories, enabling attackers to inject malicious code, steal intellectual property, or disrupt software delivery pipelines. This can result in widespread supply chain compromises affecting downstream users and customers. The stealthy nature of the attack, bypassing traditional security tools, increases the likelihood of prolonged undetected presence, amplifying potential damage. Organizations relying heavily on npm packages for development, especially those with automated CI/CD workflows, face elevated risks. The exposure of developer credentials can also facilitate lateral movement within corporate networks, potentially leading to broader enterprise compromise. Additionally, the reputational damage and regulatory consequences under GDPR for data breaches involving personal or sensitive information could be severe for affected European entities.

Mitigation Recommendations

European organizations should implement detection mechanisms capable of identifying Remote Dynamic Dependencies (RDD) and monitor network traffic for unexpected external fetches during package installation. Enforce strict policies to vet and allowlist npm packages, especially those with low download counts or naming patterns indicative of slopsquatting. Integrate runtime monitoring of lifecycle script execution and restrict or sandbox those scripts where possible. Employ secrets scanning tools to detect exposed tokens in developer environments and repositories. Educate developers about the risks of installing unverified packages and promote the use of internal package registries or mirrors that block external dependencies. Regularly rotate and audit GitHub tokens and CI/CD credentials to limit the impact of a leak. Collaborate with npm and security communities to report and remove malicious packages promptly. Finally, enhance endpoint detection and response (EDR) capabilities to identify anomalous behaviour related to credential theft and data exfiltration.
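As an added example that is not from the article or from Koi Security, the following Node.js script implements the RDD and lifecycle-script check described in the Technical Analysis and recommended above: it audits package.json manifests for dependency specifiers that are raw http(s) URLs and for install-time hooks, and rates each package. The manifests are constructed samples embedded in the script, and the hostname in them is a placeholder, not an indicator from the campaign.

```javascript
// Added example, not code from the article or Koi Security: audit npm manifests
// for Remote Dynamic Dependencies (deps specified as raw http(s) URLs, which npm
// fetches at install time) and for lifecycle scripts that run on `npm install`.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall'];
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies'];

// npm treats an "http://" or "https://" spec as a remote tarball, not a registry package.
function isRemoteUrlSpec(spec) {
  return typeof spec === 'string' && /^https?:\/\//i.test(spec.trim());
}

// Returns the list of findings for one package.json object.
function auditManifest(manifest) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      if (isRemoteUrlSpec(spec)) {
        findings.push({ type: 'remote-dynamic-dependency', field, name, spec });
      }
    }
  }
  for (const hook of LIFECYCLE_HOOKS) {
    const command = (manifest.scripts || {})[hook];
    if (command) findings.push({ type: 'lifecycle-script', hook, command });
  }
  return findings;
}

// RDD plus an install hook is the PhantomRaven pattern: remote code that runs on install.
function riskLevel(findings) {
  const rdd = findings.some((f) => f.type === 'remote-dynamic-dependency');
  const hook = findings.some((f) => f.type === 'lifecycle-script');
  return rdd && hook ? 'high' : rdd || hook ? 'medium' : 'low';
}

// Constructed sample manifests; the hostname is a placeholder, not an indicator.
const SAMPLE_MANIFESTS = {
  'benign-lib': { dependencies: { lodash: '^4.17.21' } },
  'suspect-lib': {
    dependencies: { helper: 'https://packages.example.invalid/helper.tgz' },
    scripts: { preinstall: 'node ./node_modules/helper/index.js' },
  },
};

for (const [name, manifest] of Object.entries(SAMPLE_MANIFESTS)) {
  const findings = auditManifest(manifest);
  console.log(name, riskLevel(findings), JSON.stringify(findings));
}
```

In practice, run the audit over every package.json under node_modules after an install, or in CI with `ignore-scripts=true` set in .npmrc so that a flagged package cannot execute its hooks before review.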


Technical Details

Article Source: https://thehackernews.com/2025/10/phantomraven-malware-found-in-126-npm.html (fetched 2025-11-01T01:10:56.460Z, 1077 words)

Threat ID: 69055e2471a6fc4aff34f160

Added to database: 11/1/2025, 1:11:00 AM

Last enriched: 11/1/2025, 1:13:39 AM

Last updated: 11/1/2025, 2:31:18 PM

