Massive 's1ngularity' Cyberattack Hits Nx, Steals Over 2,300 Developer Secrets in Supply Chain Breach

August 29, 2025
  • On August 26, 2025, a sophisticated supply chain cyberattack called 's1ngularity' targeted the Nx build platform, infecting npm packages with credential-stealing malware and exfiltrating thousands of developer secrets.

  • This attack specifically exploited Nx versions 20.9.0 to 21.8.0, impacting a significant number of developers and AI platform users by stealing sensitive credentials.

  • The attackers stole over 2,300 secrets, including GitHub tokens, npm keys, AWS credentials, and API keys for AI tools like Gemini, Claude, and Q, aiming to access user accounts and systems.

  • Among the stolen secrets, about half remained valid, posing immediate security risks for organizations using affected credentials.

  • GitGuardian's analysis identified over 1,346 repositories used by attackers to store the stolen data, with more than 2,349 secrets detected, over 1,000 of which were still active.

  • GitHub responded swiftly by removing many compromised repositories, but GitGuardian's monitoring captured the breach's scope during its brief window of activity.

  • The attack primarily affected macOS systems, which comprised 85% of infected devices, highlighting its disproportionate impact on Apple-based developers.

  • The incident underscores the importance of immediate credential revocation, comprehensive secrets inventories, automated rotation, and proactive scanning throughout the development lifecycle to defend against such supply chain threats.

  • The attack focused on Large Language Model (LLM) clients like Claude, Gemini, and Q, which were exploited for their privileged access to development environments.

  • The malware scanned infected systems for secrets in environment variables, configuration files, SSH keys, and cryptocurrency wallets, then encoded and uploaded the data to public GitHub repositories.

  • In addition to data theft, the malware installed destructive payloads that modified terminal startup files, causing crashes on infected systems.

  • Many AI tools targeted by the attack resisted malicious commands, with some AI clients refusing to execute or flagging suspicious requests, adding an unintentional layer of security.
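
As an added example (not code from Nx, GitGuardian, or the cited sources), the following script shows one way to act on the version range and the scanning advice above: it walks a parsed `package-lock.json` and reports every `nx` install between 20.9.0 and 21.8.0, the range as stated in this summary. The function names and the sample lockfile are constructed for illustration.

```javascript
// Added example: flag nx installs whose version falls in the range this summary reports.
const AFFECTED = { min: [20, 9, 0], max: [21, 8, 0] }; // range as stated on this page

// Parse "MAJOR.MINOR.PATCH"; a prerelease suffix is ignored so such builds are flagged conservatively.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function inAffectedRange(version) {
  const p = parseVersion(version);
  return p !== null && cmp(p, AFFECTED.min) >= 0 && cmp(p, AFFECTED.max) <= 0;
}

// Walk a parsed package-lock.json and return every nx entry in range.
// lockfileVersion 2/3 use a flat "packages" map keyed by install path;
// lockfileVersion 1 only has nested "dependencies", so walk those as a fallback.
function findAffectedNx(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (/(^|\/)node_modules\/nx$/.test(path) && inAffectedRange(meta.version)) {
        hits.push({ path, version: meta.version });
      }
    }
    return hits;
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail + name;
      if (name === "nx" && inAffectedRange(meta.version)) hits.push({ path: here, version: meta.version });
      walk(meta.dependencies, here + " > ");
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile (not real project data).
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app" },
  "node_modules/nx": { version: "21.5.0" },
  "node_modules/tool/node_modules/nx": { version: "19.8.4" },
  "node_modules/@nx/devkit": { version: "21.5.0" } } };
console.log(findAffectedNx(sampleLock));
```

A hit means the machine that installed that lockfile should be treated as exposed and its credentials revoked and rotated, as the summary recommends.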

Summary based on 2 sources



Sources

Thousands of Developer Credentials Stolen in macOS “s1ngularity” Attack

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto • Aug 28, 2025
