nx Build System Compromised Targeting Linux and MacOS developers
The popular npm package `nx` was compromised, targeting Linux and macOS developers. Malicious versions included a postinstall script that stole credentials, exfiltrated sensitive files, and added…
Read the full articleYou might also wanna read
Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code
## Summary Malicious versions of the [`nx` package]( as well as some supporting plugin packages, were published to npm, containing code that
Nx Build Kit Security Breach: Malware Steals Wallets and Credentials via GitHub Repositories
What is s1ngularity-repository? Nx is compromised and the malware steals wallets and API keys using Claude CLI or Gemini.
176 malicious npm packages used dependency confusion to target internal dependencies and steal credentials
A 176-package npm malware campaign used dependency confusion and install-time scripts to steal credentials and compromise developer and CI/C

Zero-day Extensive NPM Package Compromise - Shai Hulud Supply Chain Attack
A supply chain attack hit the ngx-bootstrap npm package, embedding malware to steal developer credentials. See affected versions (e.g., 20.0
Red Hat npm packages compromised to steal developer credentials
Red Hat npm packages compromised to steal developer credentials
MAL-2026-10117: Malicious code in nodemon-slint (npm)
The nodemon-slint package on npm contains malicious code that fully compromises any computer on which it is installed or running. The compro

Comments
Sign in to join the conversation.
No comments yet. Be the first.