Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.

InfoWorld is a source of news, analysis, and commentary on technology trends, IT strategies, and business innovation. With a focus on enterprise technology and digital transformation, InfoWorld offers insights and guidance for IT decision-makers, software developers, and technology professionals. From  articles on cloud computing and cybersecurity to product reviews and industry trends, InfoWorld helps readers navigate the complexities of modern IT environments and make informed decisions to drive business success.

InfoWorld

Socket researchers have uncovered an active npm supply chain attack campaign dubbed SANDWORM_MODE, involving at least 19 typosquatted packages that impersonate popular developer utilities and AI coding tools like Claude Code. Once installed, the malware harvests npm tokens, GitHub credentials, and cloud keys, then uses them to inject malicious code into other repositories and CI pipelines via weaponized GitHub Actions. The campaign also deploys a malicious MCP server into AI coding assistant configurations, enabling prompt-injection attacks that silently exfiltrate SSH keys and cloud credentials. A dormant 'dead switch' capable of wiping home directories is embedded but remains off by default.

New npm worm hits CI pipelines and AI coding tools