Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages
A suspected supply chain attack compromised multiple npm packages in the SAP JavaScript and cloud application development ecosystem, including mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, and @cap-js/sqlite@2.2.2. The compromised packages contained malicious preinstall scripts that download and execute Bun binaries from GitHub, running obfuscated payloads to steal credentials from developer machines and CI/CD environments.
AI Analysis
Technical Summary
Multiple npm packages related to SAP CAP and Cloud MTA development were compromised in a supply chain attack attributed to the adversary TeamPCP. The affected package versions introduced malicious preinstall scripts that download and execute Bun binaries hosted on GitHub. These binaries run heavily obfuscated payloads designed to harvest sensitive credentials such as SSH keys, cloud service credentials, npm tokens, GitHub access tokens, cryptocurrency wallets, and CI/CD secrets directly from memory in developer and CI/CD environments. The stolen data is encrypted and exfiltrated through GitHub repositories created under the victim's accounts. The malware also attempts to propagate by injecting malicious code into additional npm packages using stolen npm tokens and maintains persistence by modifying VSCode and Claude IDE configurations. The attack leverages supply chain compromise to infiltrate development environments and steal sensitive credentials, but no known exploits in the wild or official patches are currently documented.
Potential Impact
The attack results in credential theft from developer machines and CI/CD environments, including SSH keys, cloud credentials, npm tokens, GitHub access tokens, cryptocurrency wallets, and CI/CD secrets. This can lead to unauthorized access to source code repositories, cloud infrastructure, package publishing accounts, and potentially financial assets. The malware's ability to self-propagate and establish persistence increases the risk of prolonged compromise and further spread within affected development ecosystems. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until official patches or updates are released, developers should avoid using the affected package versions (mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, @cap-js/sqlite@2.2.2). Review and revoke any potentially compromised credentials such as npm tokens, GitHub tokens, SSH keys, and cloud credentials. Inspect and clean developer and CI/CD environments for unauthorized Bun binaries and suspicious preinstall scripts. Monitor for unauthorized GitHub repository creations under your accounts. Remove any persistence mechanisms in VSCode and Claude IDE configurations. Follow updates from SAP and npm regarding patches or further mitigation steps.
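One way to carry out the version check and the preinstall-script inspection above on an npm project, as an added example that is not part of the advisory or the Socket report: it walks a parsed package-lock.json (lockfileVersion 2/3 "packages" map) plus the installed packages' manifests, flags the affected versions, and flags any dependency carrying an install-time lifecycle script. The sample lockfile, manifests and the preinstall command are constructed for illustration.

```javascript
// Added example (not from the advisory): audit an npm install for the
// compromised versions named above and for lifecycle scripts that npm runs
// automatically, which is how the malicious preinstall hook executed.
const AFFECTED = {
  "mbt": ["1.2.48"],
  "@cap-js/db-service": ["2.10.1"],
  "@cap-js/postgres": ["2.2.2"],
  "@cap-js/sqlite": ["2.2.2"],
};
// Hooks npm runs without user action during `npm install`.
const AUTO_SCRIPTS = ["preinstall", "install", "postinstall"];

// lockfile: parsed package-lock.json; manifests: map from the same
// "node_modules/<name>" keys to each package's parsed package.json.
// Returns one finding per problem so callers can fail CI on any result.
function auditInstall(lockfile, manifests) {
  const findings = [];
  for (const [path, entry] of Object.entries(lockfile.packages || {})) {
    if (path === "") continue; // root project entry, not a dependency
    const marker = "node_modules/";
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    const version = entry.version;
    if ((AFFECTED[name] || []).includes(version)) {
      findings.push({ path, name, version, reason: "known-compromised version" });
    }
    const scripts = (manifests[path] && manifests[path].scripts) || {};
    for (const hook of AUTO_SCRIPTS) {
      if (scripts[hook]) {
        findings.push({ path, name, version, reason: `runs ${hook}: ${scripts[hook]}` });
      }
    }
  }
  return findings;
}

// Constructed sample input: one affected package with an install hook and
// one clean package. The preinstall command is a placeholder, not the payload.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-cap-app", version: "1.0.0" },
    "node_modules/@cap-js/sqlite": { version: "2.2.2" },
    "node_modules/lodash": { version: "4.17.21" },
  },
};
const sampleManifests = {
  "node_modules/@cap-js/sqlite": { scripts: { preinstall: "node ./install-hook.js" } },
  "node_modules/lodash": { scripts: {} },
};

console.log(auditInstall(sampleLock, sampleManifests));
```

In a real project, read package-lock.json and each node_modules/<name>/package.json from disk and treat any finding as a build failure until reviewed.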
Indicators of Compromise
Technical Details
- Author: AlienVault
- TLP: white
- References: https://socket.dev/blog/sap-cap-npm-packages-supply-chain-attack
- Adversary: TeamPCP
- Pulse Id: 69f29e7de2c7e622090df108
- Threat Score: null
Threat ID: 69f30676cbff5d86109ec9e0
Added to database: 4/30/2026, 7:36:22 AM
Last enriched: 4/30/2026, 7:51:33 AM
Last updated: 4/30/2026, 10:04:06 PM