Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Socket researchers uncovered an active npm supply chain attack campaign dubbed SANDWORM_MODE, involving at least 19 typosquatted packages impersonating popular developer utilities and AI coding tools including Claude Code. Once installed, the malware harvests npm/GitHub tokens, environment secrets, and cloud credentials, then uses them to inject malicious code into other repositories and CI pipelines via weaponized GitHub Actions. The campaign also deploys a malicious MCP server into AI coding assistant configurations, enabling prompt-injection attacks to silently exfiltrate SSH keys and cloud credentials. A dormant polymorphic engine and a 'dead switch' home-directory wiper are embedded but inactive by default. npm has responded by tightening registry controls around credential abuse.

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools