- When a token with publishing rights was stolen, multiple poisoned Nx variants were released
- The malware stole secrets and other important data
- The attack lasted a few hours, but could be causing damage still
Countless software developers, likely including those within Fortune 500 companies, were victims of a supply chain attack after Nx, the open source build system and development toolkit, was compromised.
In an announcement posted on GitHub, Nx said, “malicious versions of Nx and some supporting plugins were published” on NPM.
At the same time, security researchers Wiz released a separate announcement, saying the malicious versions were carrying infostealing malware, grabbing secrets such as GitHub and NPM tokens, SSH keys, crypto wallet information, and more, from attacked developers.
Thousands of leaked tokens
How Nx was compromised remains unknown – Wiz believes the threat actors managed to get ahold of a token with publishing rights, which enabled them to push malicious versions to NPM, despite all maintainers having two-factor authentication (2FA) enabled at the time of the attack. Apparently, 2FA was not needed to publish the packages.
The attack lasted approximately four hours, before NPM removed all of the poisoned versions.
Nx did not discuss how many companies might have been struck in this supply chain attack, but Wiz told The Register via email that more than 1,000 valid GitHub tokens were leaked. Furthermore, the attackers stole around 20,000 files and “dozens” of valid cloud credentials and NPM tokens.
Affected users should reach out to Nx’s support team for help.
Both NPM and Nx are hugely popular in the software development community, with more than 70% of Fortune 500 companies are allegedly using it, so it’s perhaps not surprising it is under constant attack.
However, security researchers Step Security found something unique: the malware “weaponized AI CLI tools (including Claude, Gemini, and q) to aid in reconnaissance and data exfiltration – marking the first known case where attackers have turned developer AI assistants into tools for supply chain exploitation.”
“This technique forces the AI tools to recursively scan the file system and write discovered sensitive file paths to /tmp/inventory.txt, effectively using legitimate tools as accomplices in the attack.”
You might also like
link