Threats Tagged 'supply chain attack'

A coordinated supply chain attack compromised over 140 Mastra npm packages by injecting a typosquatted dependency named easy-day-js. The malicious code executes during npm install via a postinstall hook, deploying a two-stage payload that disables TLS validation and installs a cross-platform implant on Windows, macOS, and Linux. This implant acts as a command-and-control client capable of stealing cryptocurrency wallet data from over 166 browser extensions, harvesting browser history, and executing arbitrary code. The attack affects popular packages including @mastra/core, which has high weekly downloads, compromising developer systems during package installation.

A sophisticated supply chain attack campaign has expanded to 471 affected artifacts across npm and PyPI, targeting developers through malicious packages. The campaign uses three distinct delivery methods: executable .pth startup hooks, trojanized native .abi3.so extensions that execute at import time, and a split loader-payload architecture that searches Python's sys.path. Twenty-three newly identified PyPI packages masquerade as bioinformatics tools, AI frameworks, and popular libraries like requests and Flask. The attack deploys heavily obfuscated JavaScript stealers via Bun runtime, harvesting high-value credentials including GitHub tokens, npm registry access, cloud credentials, SSH keys, and CI/CD secrets. The malware employs anti-analysis techniques with fake LLM prompt-injection headers designed to disrupt AI-assisted security scanners, while targeting developer workstations and automated build environments.

A coordinated PyPI compromise campaign involving 37 malicious wheel artifacts across 19 packages was detected, utilizing Python startup hooks to execute credential-stealing payloads. The attack leverages .pth files for automatic execution during Python interpreter startup, downloads the Bun JavaScript runtime, and runs obfuscated JavaScript payloads. The malware targets high-value developer and CI/CD credentials including GitHub, npm, PyPI, cloud providers (AWS, GCP, Azure), Kubernetes, Vault, SSH keys, and AI tool tokens. This represents a PyPI branch of the Shai-Hulud/Miasma campaign family, using a Hades-themed variant for GitHub exfiltration. Compromised packages included established bioinformatics tools with significant download counts, stemming from apparent maintainer account takeover. The payload employs multi-layer obfuscation, AES-GCM encryption, and exfiltrates data through GitHub repositories with distinctive markers. The campaign demonstrates cross-runtime attack capabilities and ecosystem-spe...

Microsoft Threat Intelligence discovered a large-scale npm supply chain attack compromising 32 malicious packages across over 90 versions under the @redhat-cloud-services scope. The compromise originated from the RedHatInsights/javascript-clients CI/CD pipeline, enabling attackers to publish trojanized packages through legitimate GitHub Actions OIDC workflows with authentic provenance signatures. The malicious packages executed a heavily obfuscated 4.29 MB dropper via npm preinstall hooks, which downloaded the Bun JavaScript runtime and launched payloads designed to harvest credentials from GitHub, npm, AWS, Azure, GCP, HashiCorp Vault, Kubernetes, and developer systems. The malware scraped GitHub Actions runner memory for secrets, escalated privileges using passwordless sudo, exfiltrated stolen data through GitHub infrastructure, and propagated by compromising additional maintainer packages with forged SLSA provenance. The campaign marker "Miasma: The Spreading Blight" was embedded throughout the malicious

A supply chain attack compromised multiple @redhat-cloud-services npm packages, executing malicious payloads automatically during installation via preinstall hooks. The attack uses AES-GCM encrypted payloads and obfuscated JavaScript loaders to harvest GitHub Actions secrets, npm tokens, cloud credentials (AWS, Azure, GCP), Kubernetes and Vault material, SSH keys, Git credentials, and cryptocurrency wallet files. The payload can daemonize on developer workstations, includes Russian-locale avoidance mechanisms, and exfiltrates stolen data through encrypted HTTPS channels with GitHub API fallback mechanisms. The campaign employs tactics similar to the publicly released Shai-Hulud toolkit, though attribution remains unclear due to the availability of open-source attack tooling.

JINX-0164, a financially motivated threat actor active since mid-2025, has been conducting sophisticated campaigns against cryptocurrency organizations. The actor employs LinkedIn-based social engineering, posing as recruiters or business partners to deliver custom macOS malware including AUDIOFIX (a Python-based infostealer and RAT) and MINIRAT (a lightweight Go backdoor). Their operations focus on compromising developer endpoints to steal cryptocurrency wallet credentials, cloud secrets, and GitHub tokens. The attackers then pivot to CI/CD infrastructure, injecting malicious code into repositories to enable lateral movement. In April 2026, they executed a supply chain attack by trojanizing the npm package @velora-dex/sdk. The group masks activity using VPN services and demonstrates advanced capabilities including credential harvesting from password managers, browser extensions, and development tools.

Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.

A sophisticated supply chain campaign targeting the open source developer ecosystem has emerged, compromising NPM packages in the @antv namespace, GitHub Actions including actions-cool/issues-helper, and the VSCode extension nrwl.angular-console. The malware initiates multi-stage infection chains using GitHub-hosted infrastructure and orphaned commits to deploy payloads via bun. It harvests extensive credentials including GitHub tokens, SSH keys, cloud credentials, and browser secrets, exfiltrating data through attacker-controlled public GitHub repositories. The campaign establishes persistence through a Python backdoor that polls GitHub for signed commands containing specific trigger strings, enabling remote code execution. Infrastructure analysis and operational patterns indicate moderate confidence attribution to the threat actor TeamPCP.

Microsoft identified an active supply chain attack targeting the @antv npm package ecosystem. A threat actor compromised an @antv maintainer account and published malicious versions of widely used data-visualization packages, affecting libraries like echarts-for-react with over 1 million weekly downloads. The attack propagates through dependency chains into CI/CD pipelines and cloud workloads. A 499 KB obfuscated JavaScript payload executes silently during npm install, specifically designed to steal credentials from GitHub Actions environments. Key capabilities include multi-platform credential theft (GitHub, AWS, HashiCorp Vault, npm, Kubernetes, 1Password), GitHub Action Runner process memory scraping, privilege escalation, dual-channel data exfiltration, and SLSA provenance forgery. The payload targets CI/CD environments deliberately, with over 2,200 compromised repositories observed. GitHub responded by removing 640 malicious packages and invalidating 61,274 npm tokens.

A sophisticated npm supply chain attack was uncovered involving the typosquatted package crypto-javascri, designed to mimic the legitimate crypto-js library. The malware harvests npm and GitHub credentials from infected systems, hijacks maintainer accounts, and automatically republishes trojanized versions of packages under trusted identities. The final payload incorporates a weaponized Arti Tor client with credential theft, cryptomining capabilities, privilege escalation via SUID exploitation, and systemd-based persistence mechanisms. The campaign specifically targets Linux developer systems and CI/CD environments, using Tor-based command-and-control infrastructure to maintain anonymity and resilience. The attack creates significant downstream supply chain risk through its worm-like propagation model.