Perceptive Security
SOC/SIEM Consultancy

New npm supply-chain attack self-spreads to steal auth tokens
Published:
22 April 2026 at 12:57:42
Alert date:
22 April 2026 at 13:02:25
Source:
bleepingcomputer.com
Supply Chain & Dependencies, Ransomware & Malware, Data Breach & Exfiltration
A new supply chain attack is targeting the Node Package Manager (npm) ecosystem. It steals developer credentials, with a focus on authentication tokens, and self-propagates by using the compromised accounts to publish malicious versions of the packages those developers maintain. The combination of credential theft and package repository compromise makes this an active threat to the npm ecosystem and to software supply chain security.
Technical details
This is a supply chain worm targeting the npm ecosystem: it steals developer credentials and self-propagates through compromised packages. The malware collects tokens, API keys, SSH keys, and credentials for cloud services, CI/CD systems, registries and LLM platforms, along with Kubernetes and Docker configs. It also extracts data from Chrome and Firefox, including cryptocurrency wallets (MetaMask, Exodus, Atomic Wallet, Phantom). To spread, it searches for npm publish tokens in environment variables or ~/.npmrc files, identifies the packages the victim is allowed to publish, injects its payload, and republishes them with bumped version numbers. It also targets PyPI credentials and uses a .pth-based payload for Python packages, making it a multi-ecosystem attack.
Mitigation steps:
Remove all listed malicious package versions from development systems and CI/CD pipelines immediately, and check internal package mirrors, build artifacts and caches for the same versions. Rotate all potentially exposed secrets and credentials. Audit for related packages that share the same public.pem file, webhook host, or postinstall pattern. Use the indicators of compromise published by Socket and StepSecurity to identify compromised development environments.
Affected products:
@automagik/genie versions 4.260421.33–4.260421.39
pgserve versions 1.1.11–1.1.13
@fairwords/websocket versions 1.0.38–1.0.39
@fairwords/loopback-connector-es versions 1.4.3–1.4.4
@openwebconcept/theme-owc version 1.0.3
@openwebconcept/design-tokens version 1.0.3
npm ecosystem
PyPI ecosystem
Chrome browser
Firefox browser
MetaMask wallet
Exodus wallet
Atomic Wallet
Phantom wallet
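As an added illustration of the mitigation steps above (example code added here, not from the alert, BleepingComputer, Socket or StepSecurity), the following Node.js script audits a parsed package-lock.json for the affected versions listed in this alert and flags the postinstall/public.pem pattern the alert mentions as a triage heuristic. The AFFECTED table is copied from the alert; the sample lockfile, the function names and the file listing passed to suspiciousSigns are constructed for illustration.

```javascript
// Added example (not from the alert or the cited vendors): audit a parsed
// package-lock.json for the compromised versions listed in this alert.
// AFFECTED is copied from the alert; everything else here is constructed.

// Compromised package versions from the alert (inclusive bounds).
const AFFECTED = [
  { name: '@automagik/genie', min: '4.260421.33', max: '4.260421.39' },
  { name: 'pgserve', min: '1.1.11', max: '1.1.13' },
  { name: '@fairwords/websocket', min: '1.0.38', max: '1.0.39' },
  { name: '@fairwords/loopback-connector-es', min: '1.4.3', max: '1.4.4' },
  { name: '@openwebconcept/theme-owc', min: '1.0.3', max: '1.0.3' },
  { name: '@openwebconcept/design-tokens', min: '1.0.3', max: '1.0.3' },
];

// Compare dotted numeric versions (e.g. "4.260421.35"); a prerelease suffix
// after "-" is ignored and missing components count as 0.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  const len = Math.max(pa.length, pb.length);
  for (let i = 0; i < len; i++) {
    const x = pa[i] || 0;
    const y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// True when (name, version) falls inside one of the listed ranges.
function isAffected(name, version) {
  return AFFECTED.some((r) => r.name === name
    && compareVersions(version, r.min) >= 0
    && compareVersions(version, r.max) <= 0);
}

// Package name from a lockfile v2/v3 key such as
// "node_modules/foo/node_modules/@scope/bar" -> "@scope/bar".
function nameFromPath(path) {
  const marker = 'node_modules/';
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Walk a parsed package-lock.json and return every installed package that is
// in an affected range, with its install path so nested copies are found too.
// Supports the v2/v3 "packages" map and the v1 "dependencies" tree (a v2 file
// carries both; only one is walked to avoid double reporting).
function findAffected(lockfile) {
  const hits = [];
  if (lockfile.packages) {
    for (const [path, entry] of Object.entries(lockfile.packages)) {
      if (path === '' || !entry.version) continue; // "" is the root project
      const name = nameFromPath(path);
      if (isAffected(name, entry.version)) hits.push({ name, version: entry.version, where: path });
    }
  } else if (lockfile.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, entry] of Object.entries(deps)) {
        const where = `${prefix}node_modules/${name}`;
        if (entry.version && isAffected(name, entry.version)) hits.push({ name, version: entry.version, where });
        if (entry.dependencies) walk(entry.dependencies, `${where}/`);
      }
    };
    walk(lockfile.dependencies, '');
  }
  return hits;
}

// Triage heuristic for the shared pattern the alert describes: a postinstall
// hook together with a bundled public.pem. `files` is the installed package's
// file listing (e.g. a directory walk of node_modules/<name>). Many legitimate
// packages use postinstall, so treat a hit as a reason to inspect, not a verdict.
function suspiciousSigns(pkgJson, files) {
  const signs = [];
  const scripts = pkgJson.scripts || {};
  if (scripts.postinstall) signs.push(`postinstall: ${scripts.postinstall}`);
  if (files.some((f) => f.split('/').pop() === 'public.pem')) signs.push('bundles public.pem');
  return signs;
}

// Constructed sample lockfile (not real project data) exercising a direct hit,
// a nested hit and a near-miss one version below the affected range.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/pgserve': { version: '1.1.12' },
    'node_modules/@fairwords/websocket': { version: '1.0.37' },
    'node_modules/some-lib': { version: '2.0.0' },
    'node_modules/some-lib/node_modules/@automagik/genie': { version: '4.260421.35' },
  },
};

// In practice: findAffected(JSON.parse(fs.readFileSync('package-lock.json', 'utf8')))
for (const hit of findAffected(SAMPLE_LOCK)) {
  console.log(`AFFECTED ${hit.name}@${hit.version} at ${hit.where}`);
}
```

Run it against every lockfile in your repositories and CI images, and against the contents of any internal mirror or cache, since a nested copy pulled in by another dependency is reported with its full install path. A hit means the listed version was installed on that host, so the secrets reachable from it (npm and PyPI tokens, SSH keys, cloud and CI credentials, browser profiles) fall under the rotation step above. The suspiciousSigns check only narrows the set of other packages to inspect by hand; it does not identify malware on its own.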
Related links:
https://www.bleepingcomputer.com/news/security/teampcp-deploys-iran-targeted-wiper-in-kubernetes-attacks/
https://socket.dev/blog/namastex-npm-packages-compromised-canisterworm
https://www.stepsecurity.io/blog/pgserve-compromised-on-npm-malicious-versions-harvest-credentials
Related CVEs:
Related threat actors:
IOCs:
@automagik/genie (4.260421.33–4.260421.39), pgserve (1.1.11–1.1.13), @fairwords/websocket (1.0.38–1.0.39), @fairwords/loopback-connector-es (1.4.3–1.4.4), @openwebconcept/theme-owc@1.0.3, @openwebconcept/design-tokens@1.0.3, public.pem file patterns, webhook host patterns, postinstall pattern signatures
This article was created with the assistance of AI technology by Perceptive.
