Nx Build System Package Compromised with Data-Stealing Malware

On August 26, 2025, malicious versions of the popular Nx build system package (and several @nx/* plugins) were published to npm carrying credential-stealing malware. The malicious versions were live for just over five hours, long enough to reach thousands of developers through routine installs and CI runs. A postinstall hook harvested SSH private keys, npm tokens, .gitconfig files and other secrets, and, unusually, invoked locally installed AI CLI tools (Claude, Gemini and q) with prompts to enumerate sensitive files on the host before the collected data was exfiltrated. The malicious releases were published with a leaked npm publish token rather than through a flaw in the Nx code itself, and a second wave used the GitHub credentials stolen in the first to flip victims' private repositories to public. Immediate remediation means treating every credential present on an affected machine as compromised: rotate SSH keys, npm and GitHub tokens and anything held in environment variables, isolate affected users, and secure exposed repositories. Developers should check lockfiles and installed node_modules for the compromised versions, pin dependencies, and review how publish tokens are stored and scoped in their own release pipelines.
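As an added example (not code from the original post or from the Nx project), the script below audits a repository's package-lock.json for the affected releases. It understands both the nested lockfileVersion 1 layout and the flat "packages" map of versions 2 and 3, so transitive copies nested under another dependency are caught too. The version list is the one I know from the published advisory; treat it as an assumption and verify it against the linked post before relying on it. The sample lockfile embedded at the bottom is constructed for demonstration.

```python
"""Audit package-lock.json for the compromised Nx releases (added example)."""
import json
import sys
from pathlib import Path

# Affected releases per the published advisory as I recall it.
# ASSUMPTION: verify this list against the advisory before use.
COMPROMISED = {
    "nx": {"20.9.0", "20.10.0", "20.11.0", "20.12.0",
           "21.5.0", "21.6.0", "21.7.0", "21.8.0"},
    "@nx/devkit": {"20.9.0", "21.5.0"},
    "@nx/enterprise-cloud": {"3.2.0"},
    "@nx/eslint": {"21.5.0"},
    "@nx/js": {"20.9.0", "21.5.0"},
    "@nx/key": {"3.2.0"},
    "@nx/node": {"20.9.0", "21.5.0"},
    "@nx/workspace": {"20.9.0", "21.5.0"},
}


def _name_from_path(path):
    # "node_modules/a/node_modules/@nx/devkit" -> "@nx/devkit"
    return path.rsplit("node_modules/", 1)[-1]


def _walk_v1(deps, prefix=""):
    # lockfileVersion 1 nests transitive deps under each entry.
    for name, meta in deps.items():
        path = f"{prefix}node_modules/{name}"
        yield path, name, meta.get("version")
        yield from _walk_v1(meta.get("dependencies", {}), path + "/")


def iter_installed(lock):
    """Yield (path, name, version) for every package in a v1, v2 or v3 lockfile."""
    if "packages" in lock:  # lockfileVersion 2 or 3: flat map keyed by path
        for path, meta in lock["packages"].items():
            if not path:  # "" is the root project, not a dependency
                continue
            name = meta.get("name") or _name_from_path(path)
            yield path, name, meta.get("version")
    else:  # lockfileVersion 1
        yield from _walk_v1(lock.get("dependencies", {}))


def find_compromised(lock):
    """Return [(path, name, version)] for every installed compromised release."""
    return [
        (path, name, version)
        for path, name, version in iter_installed(lock)
        if version in COMPROMISED.get(name, ())
    ]


def audit_lockfile(path):
    """Load a lockfile from disk and return its compromised entries."""
    return find_compromised(json.loads(Path(path).read_text()))


# Constructed sample lockfile (lockfileVersion 3) for demonstration only.
SAMPLE_LOCK = {
    "name": "demo", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "devDependencies": {"nx": "21.5.0"}},
        "node_modules/nx": {"version": "21.5.0"},
        "node_modules/@nx/devkit": {"version": "21.5.0"},
        "node_modules/@nx/js": {"version": "21.4.1"},          # clean
        "node_modules/some-tool/node_modules/nx": {"version": "20.12.0"},
    },
}

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    hits = audit_lockfile(target) if target else find_compromised(SAMPLE_LOCK)
    for path, name, version in hits:
        print(f"COMPROMISED {name}@{version} at {path}")
    sys.exit(1 if hits else 0)
```

Run it as `python audit_nx.py package-lock.json`; a non-zero exit makes it usable as a CI gate. A clean lockfile is only half the check: if any of these versions was ever installed on a machine, assume the postinstall ran and rotate that machine's credentials regardless of what the lockfile says today.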

https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware
