Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Ongoing Supply Chain Attack Involving npm Packages
Alerts

Ongoing Supply Chain Attack Involving npm Packages

23 September 2025

Security researchers have identified compromised npm packages containing a malicious self-propagating payload designed to infect other packages.

Background

There are reports of npm (Node Package Manager) repository supply chain attacks in recent months. Dubbed 'Shai-Hulud', the coordinated worm-style campaign began with the compromise of the @ctrl/tinycolor npm package.

Since its disclosure, security researchers have identified over 180 npm packages compromised in the ongoing supply chain attack, with a malicious self-propagating payload used to infect other packages.

What is npm?

npm is the default package manager for Node.js, widely used in modern software development. It hosts a large open-source ecosystem where developers publish and consume reusable code modules.

Many applications, websites, and enterprise platforms depend on npm packages. A single compromised package can cascade across thousands of projects, amplifying the risk in the software supply chain due to the transitive dependency model.

Tactics, Techniques and Procedures (TTPs)

The compromised npm versions have been observed to include a self-propagating mechanism that targets other packages by the same maintainer. The malware downloads each package by a maintainer, modifies its package.json, injects a bundle.js script before repacking the archive and republishing it.

The malicious bundle.js script typically follows the five-step process:

  1. Download and execute the legitimate secret scanning tool, TruffleHog

  1. Search the host for secrets like tokens and cloud credentials

  1. Check if the discovered developer and CI credentials are valid

  1. Create unauthorised GitHub Actions workflows within repositories

  1. Exfiltrate sensitive data to a hardcoded webhook endpoint

TruffleHog is a legitimate secret scanner that can be used by developers and security professionals to find accidentally leaked sensitive information like API keys, passwords, and tokens within code repositories and other data sources. The malicious bundle.js script abuses TruffleHog to search the host for tokens and cloud credentials.

Impact

Installing a malicious version of a npm package (or a dependent package) on developer workstations could result in the malicious code being bundled into built applications. Alternatively, a CI/CD workflow might pull the latest available version of a package (or a dependent package), and use the compromised npm package as part of a build pipeline.

Some of the risks of using compromised npm packages include:

  • Applications and services that automatically pulled updates may have incorporated malicious code, which could be used to propagate malware.

  • Malware execution in their build systems and production environments, with potential infrastructure exposure and exfiltration of sensitive data.

  • End users, particularly those using cryptocurrency wallets, could have their transactions intercepted or redirected to attacker-controlled wallets.

How to Protect Your Organisation

Organisations are advised to adopt the following mitigation measures to safeguard themselves against the npm campaign:

  • Audit your environments and logs for signs of compromise: Search your organisation's lockfiles, including package-lock.json, pnpm-lock.yaml, yarn.lock, and your artifact registry for compromised npm packages. A list of compromised npm packages is available here.

  • Rotate all secrets and CI/CD tokens: Any device confirmed to be running trojanised versions of npm packages should be quarantined until fully remediated, and any accessible secrets should be rotated. As a precaution, organisations may consider rotating these credentials across development environments where npm packages are regularly installed.

  • Monitor for suspicious connections: Threat actors have been observed creating outbound connections to the webhook[.]site domain as a means of confirming that propagation was successful. Organisations may consider blocking this domain if this service is not used for legitimate purposes in your environment.

References

https://docs.npmjs.com/about-npm

https://arcticwolf.com/resources/blog-uk/wormable-malware-cause-supply-chain-compromise-of-npm-code-packages/

https://www.wiz.io/blog/widespread-npm-supply-chain-attack-breaking-down-impact-scope-across-debug-chalk

https://www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/amp/

https://www.paloaltonetworks.com/blog/cloud-security/npm-supply-chain-attack/

Back to top