Nx NPM Packages Poisoned in AI-Assisted Supply Chain Attack
Malicious Nx package versions uploaded to the NPM registry on Aug 26 harvested over 1,000 GitHub tokens and 20,000 files, exploiting AI tools for sophisticated credential theft.
7 Articles
[tl;dr Sec] #294 - Nx Backdoored, AI-powered Ransomware, PhrackCTF - Cybernoz - Cybersecurity News
Nx malware uses AI CLIs to find secrets, ESET discovers malware sample leveraging OpenAI’s OSS model, binary exploitation CTF for Phrack’s 40th. I hope you’ve been doing well! Touching Grass: It’s late, so I will just share this meme. Thoughtful intro next time! What happens when 100 analysts t…
NPM packages from Nx targeted in latest worrying software supply chain attack - WorldNL Magazine
When a token with publishing rights was stolen, multiple poisoned Nx variants were released. The malware stole secrets and other important data. The attack lasted a few hours, but could be causing damage still. Countless software developers, likely including those within Fortune 500 companies, were victims of a supply chain attack after Nx, the open source build system and development…
Wave of npm supply chain attacks exposes thousands of enterprise developer credentials
A sophisticated supply chain attack has compromised the widely-used Nx build system package and exposed thousands of enterprise developer credentials. The campaign weaponized artificial intelligence tools to enhance data theft operations across enterprise development environments, according to a new report from security firm Wiz. The attack began on August 26, 2025, when threat actors published multiple malicious versions of Nx packages to the n…
Coverage Details
Bias Distribution
- 100% of the sources are Center