{"id":2814,"date":"2025-09-14T16:52:46","date_gmt":"2025-09-14T16:52:46","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2025\/09\/14\/malicious-npm-code-reached-10-of-cloud-environments\/"},"modified":"2025-09-14T16:52:46","modified_gmt":"2025-09-14T16:52:46","slug":"malicious-npm-code-reached-10-of-cloud-environments","status":"publish","type":"post","link":"https:\/\/ft365.org\/index.php\/2025\/09\/14\/malicious-npm-code-reached-10-of-cloud-environments\/","title":{"rendered":"Malicious npm Code Reached 10% of Cloud Environments"},"content":{"rendered":"<div>\n<p><img decoding=\"async\" src=\"https:\/\/ft365.org\/wp-content\/uploads\/2025\/06\/localimages\/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg?width=64&#038;height=64&#038;mode=crop&#038;scale=both&#038;format=webp\" alt=\"Photo of Phil Muncaster\" loading=\"lazy\"><\/p>\n<\/div>\n<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active\u00a0and may already have impacted 10% of cloud environments.<\/p>\n<p>On Monday, a threat actor hijacked the npm account of a well-known developer, \u201cqix,\u201d via social engineering, before publishing trojanized versions of popular packages.<\/p>\n<p>Although these malicious versions, which contained crypto-stealing malware, were removed within just two hours, security vendor Wiz has claimed they managed to reach 1 in 10 cloud environments.<\/p>\n<p>\u201cDuring the short two-hour timeframe in which the versions were available for download, if they were incorporated into frontend builds and shipped as web assets, any browsers loading the affected website would execute a malicious payload that hooks network and wallet APIs in order to silently rewrite cryptocurrency recipients\/approvals before signing, so that transactions would be diverted to attacker-controlled wallets,\u201d the vendor claimed.<\/p>\n<p>\u201cFollowing the release of the malicious versions, our data shows that the malicious code itself could be found in at least 10% of cloud environments, present in bundles or assets.\u201d<\/p>\n<p><em>Read more on open source threats: Malicious Open Source Packages Surge 188% Annually<\/em><\/p>\n<p>Wiz also cited research from JFrog indicating that the campaign extends beyond qix to other npm accounts.<\/p>\n<p>\u201cAfter the initial batch of infected packages, we identified a few more compromised accounts, including\u00a0duckdb, which indicates that the campaign is still active,\u201d the supply chain security vendor wrote.<\/p>\n<p>Malicious packages included @duckdb\/node-api@1.3.3, @duckdb\/duckdb-wasm@1.29.2, @duckdb\/node-bindings@1.3.3, and duckdb@1.3.3. The good news is that these were also removed quickly and received \u201calmost no downloads,\u201d according to JFrog.<\/p>\n<h2>No Time to Relax<\/h2>\n<p>Users of what is the world\u2019s largest software registry, NPM, were urged to stay vigilant.<\/p>\n<p>\u201cTreat the list as evolving; validate against your registry\/mirror and keep blocklists current,\u201d said Wiz.<\/p>\n<p>The cloud security vendor had the following advice for security teams:<\/p>\n<ul>\n<li>Blocklist malicious package versions in the private registry\/proxy, and pin\/override to known-safe versions<\/li>\n<li>Rebuild from clean caches (CI + local), clearing all caches on local development machines and CI\/CD build servers to prevent any compromised dependencies from being reintroduced from a \u201cpoisoned\u201d cache<\/li>\n<li>Issue an invalidation command for all affected JavaScript assets on the company Content Delivery Network (CDN), in order to force servers to discard cached malicious files<\/li>\n<li>Hotfix the UI by adding client-side checksums\/subresource integrity (SRI) where applicable.\u00a0Temporarily disable tipping\/donation modules and force re-auth for wallet flows<\/li>\n<li>Hunt for malicious packages by running bundle\/asset scans and reviewing signing-flow telemetry for anomalies during 13:16-15:15 UTC on September 8<\/li>\n<li>Triage by auto-flagging approvals\/transfers to unexpected recipient\/spender addresses in that time window\u00a0and notify impacted users<\/li>\n<li>Refresh the npm blocklist daily while the campaign continues, including DuckDB and any newly reported packages<\/li>\n<\/ul><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active\u00a0and may already have impacted 10% of cloud environments. On Monday, a threat actor hijacked the npm account of a well-known developer, \u201cqix,\u201d via social engineering, before publishing trojanized versions of popular packages. Although these malicious versions, which contained<\/p>\n","protected":false},"author":2,"featured_media":2815,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"thumbnail":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9-150x150.jpg",150,150,true],"medium":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"medium_large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"1536x1536":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"2048x2048":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"morenews-featured":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"morenews-large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"morenews-medium":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9.jpg",300,300,false],"crawlomatic_preview_image":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2814-9390b059-5fe2-4a21-b511-76d421057ce9-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"https:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"https:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=2814"}],"version-history":[{"count":0,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2814\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/2815"}],"wp:attachment":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=2814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=2814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=2814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}