Researchers at Wiz, a cloud security software company, have released new findings on the recent compromise of the Nx JavaScript framework, revealing a multi-phase supply chain attack that affected thousands of users and involved experimental use of AI-assisted malware.
The incident began with the compromise of an npm publishing token through a vulnerable GitHub Action. Attackers used the token to upload modified versions of Nx packages, which, once installed, harvested environment variables, GitHub and npm tokens, and selected local files. The stolen data was uploaded to GitHub under repositories labeled “s1ngularity-repository,” created using victims’ own credentials.
Wiz identified three distinct phases in the campaign: initial malware deployment and exfiltration, mass exposure of private repositories using compromised GitHub tokens, and a targeted leak of repositories from a single organization. In total, over 1,700 users had data leaked, with more than 6,700 private repositories made public.
Wiz’s security report also details attacker behavior, including the use of GitHub CLI for exfiltration, TOR-based access, and automation scripts. GitHub has since revoked thousands of leaked tokens, but they warn that some compromised credentials, including npm tokens, remain active.
The attack follows earlier GitHub Action-related incidents, but this campaign resulted in widespread exposure, highlighting persistent risks in software supply chains.
A notable aspect of the attack was its use of AI command-line tools such as Claude and Gemini to attempt file discovery on infected systems. While success rates for AI-driven exfiltration were low, with technical issues and model safety features preventing full execution in most cases, the integration of AI tools represents a shift in attacker tactics and an area of growing concern.
For further technical details, attacker behaviors, and indicators of compromise, view the full report on Wiz’s official blog post here.
Leave a Reply