Overview:
Throughout 2025, the Node Package Manager (NPM) ecosystem has been repeatedly targeted in fast-moving supply chain attacks. Threat actors have flooded the NPM registry with malicious packages, compromised maintainers, and disguised malware within widely used dependencies. By exploiting the trust placed in open-source repositories, attackers aim to gain access to continuous integration and continuous development (CI/CD) environments. These compromises pose a serious threat to research, development and operational activities across the global space sector, where software reliability and security are critical.
Shai-Hulud Attack:
On 15 September 2025, researchers identified more than 187 malicious packages uploaded to the NPM registry as part of an ongoing supply chain campaign. The attack, dubbed Shai-Hulud, involved a self-replicating worm designed to steal developer and maintainer credentials and publish them to GitHub.
The first wave of compromises began on 14 September, when attackers trojanized the popular @ctrl/tinycolor package alongside over 40 other NPM packages. Subsequent reporting from Socket confirmed additional compromises, including multiple CrowdStrike NPM packages that were later removed. At the time of this writing, Socket is tracking over 500 affected packages.
The worm’s functionality includes harvesting developer and cloud credentials, validating them, injecting malicious GitHub Actions workflows to establish persistence and exfiltrating secrets to attacker-controlled webhooks. These tactics align with a larger trend of open-source malware and targeted maintainer compromises that undermine CI/CD pipelines—workflows critical to the commercial space industry’s ability to develop, test and deploy software.
NPM and the Open-Source Supply Chain:
NPM is both a command-line tool and an online repository for JavaScript packages. Its widespread use across development teams and automated build systems makes it a high-value target for adversaries. A single malicious update can cascade across thousands of downstream projects and CI/CD pipelines.
Attackers therefore focus on maintainers, publishing credentials and CI systems to distribute malicious code at scale. This tactic has grown sharply in recent quarters. According to Sonatype’s 2025 Open Source Malware Index Report, open-source malware increased 188% year-over-year, with exfiltration-focused payloads now the dominant type. This surge means that nearly any organization relying on open-source packages risks encountering trojanized code during its development lifecycle.
Other Recent Examples:
Beyond Shai-Hulud, several other incidents illustrate the breadth of NPM-focused activity. In late August 2025, attackers exploited GitHub Actions to steal an NPM token, which they then used to publish malicious Nx packages. This compromise exposed thousands of secrets before mitigation measures were enacted. In early to mid-September, multiple popular packages, including debug, chalk and ansi-styles, were trojanized following a targeted phishing campaign against a maintainer. The attack enabled a credential- and crypto-stealer payload with the potential to affect millions of downstream developers.
In addition, prior campaigns attributed to foreign IT worker cluster known as Contagious Interviewand the broader Lazarus APT group leveraged typosquatting and custom loaders to distribute more than 60 malicious NPM packages.
These incidents collectively demonstrate adversaries’ reliance on phishing, social engineering and MFA bypasses to compromise maintainers, followed by the abuse of legitimate tools such as TruffleHog for secrets discovery and CI automation frameworks like GitHub Actions. Attribution remains complex, with activity ranging from opportunistic, financially motivated actors to more sophisticated, state-linked operators using NPM as an infrastructure vector.
Conclusion:
Taken together, these incidents highlight recurring characteristics of NPM supply chain compromises. First, they represent a novel but increasingly common avenue for adversaries to penetrate trusted ecosystems. Second, threat actors consistently exploit social engineering and phishing to bypass MFA safeguards and seize maintainer accounts. Third, they disguise malware within widely used packages to opportunistically target CI/CD environments at scale. Finally, the focus on developer workflows underscores a strategic effort to compromise the very processes that underpin software innovation.
The repeated targeting of NPM—alongside other repositories such as GitHub and PyPI—illustrates a repeatable and scalable model for supply chain attacks. For the space sector, which relies on rapid iteration, rigorous testing and secure software deployment, these attacks pose systemic risks. As adversaries continue to refine their techniques, building resilience into CI/CD pipelines and open-source dependencies will be essential to safeguarding mission-critical research and operations.
