A supply chain attack compromised the popular open-source nx build system, which has over 3.5 million weekly npm downloads, by injecting malicious package versions that exfiltrate credentials and system information.

Attackers exploited a vulnerability in the system to exfiltrate npm tokens and publish malicious packages containing scripts that scan for sensitive files, gather credentials, and execute shutdown commands on infected systems.

The malicious code included post-install scripts that modified terminal configurations, scanned for credentials, and sent data to attacker-controlled webhooks, affecting primarily Linux and macOS environments.

The malware employed AI CLI tools with dangerous flags to perform malicious reconnaissance and secret extraction, marking a novel use of AI assistants in supply chain attacks, with most infected systems (85%) being on macOS.

The malware also contained destructive routines that modified shell startup files to crash host machines, causing potential chaos in development environments.

Stolen secrets, including GitHub OAuth keys, API keys for Google AI, OpenAI, AWS, and others, were encoded and stored in over 1,300 GitHub repositories, with nearly 1,400 repositories publicly accessible at the peak of the attack.

Security experts detected over 2,300 leaked credentials, many still active, highlighting ongoing risks from exposed secrets like GitHub tokens, npm tokens, and cloud API keys.

The root cause was a vulnerability in the pull_request_target workflow trigger, which runs with elevated permissions, allowing attackers to execute malicious commands via crafted PR titles and access the npm token.

In response, the nx team removed compromised packages from npm, rotated tokens, conducted security audits, and enforced two-factor authentication for package publishing.

The incident underscores the importance of rapid secret rotation, real-time detection, and improved security practices to defend against sophisticated supply chain attacks.

Most infected systems, about 85%, operated on macOS, indicating a significant impact on Apple developer environments.

Security experts warn that such attacks are becoming increasingly sophisticated, especially with the misuse of AI tools and large language models, emphasizing the need for immediate remediation.