Your Software’s Foundation is Under Attack. Here’s How to Defend It.

Krishna Jaiswal

Modern software is a complex network of components. Instead of being built from scratch, applications are assembled from countless open-source libraries, a process that creates an intricate and vulnerable supply chain [1]. In September 2025, the npm ecosystem—a central source for these components—was targeted by two significant supply chain attacks [2]. These incidents are a stark reminder that even the most trusted software can be compromised, and the risk extends far beyond developers to everyone who uses a digital service.

This report provides a concise overview of these attacks, the vulnerabilities they exploited, and the essential steps you can take to secure your systems and data.

1. The Threat: Poisoning the Source

A software supply chain attack occurs when malicious code is secretly inserted into a product before it reaches its users [4]. Because modern applications contain over 200 dependencies on average, a single compromised library can spread malware to every user who downloads or updates the software [1]. This is not a new problem; the NotPetya and SolarWinds attacks showed how hijacking software updates could compromise thousands of victims at once [4]. The September npm attacks, however, demonstrate a new frontier: the active targeting of open-source projects.

2. The September 2025 npm Attacks: A Dual-Pronged Assault

Two separate campaigns struck the npm registry, each with a different objective.

Attack on CrowdStrike: A credential-stealing campaign, known as the “Shai-Hulud attack,” compromised packages used internally by cybersecurity firm CrowdStrike [5]. The attacker gained access to a publishing account and injected a multi-stage malicious script into packages like @crowdstrike/commitlint. This malware was designed to steal sensitive credentials and API tokens by running a legitimate-looking secret-scanning tool called TruffleHog [5]. It also created unauthorized GitHub Actions workflows to establish persistent access and exfiltrate stolen data to a private webhook [5].

Crypto-Hijacking Campaign: Concurrently, a broader attack targeted a popular open-source maintainer. The attacker used a convincing phishing email from a fake domain, npmjs.help, to trick the maintainer into revealing their username, password, and two-factor authentication (2FA) code [3]. With this access, the attacker published malicious versions of 18 widely-used utility packages, including debug and chalk, which are downloaded billions of times a week [2]. The goal of this malware was to hijack cryptocurrency. It inserted code that could intercept web browser transactions and silently replace a user’s wallet address with the attacker’s, redirecting funds to an Ethereum address [2].

Here is a summary of the compromised packages:

| Package Name | Affected Versions | Malware Type | Status |
|---|---|---|---|
| @crowdstrike/commitlint | 8.1.1, 8.1.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/falcon-shoelace | 0.4.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/foundry-js | 0.19.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/glide-core | 0.34.2, 0.34.3 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/logscale-dashboard | 1.205.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/logscale-file-editor | 1.205.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/logscale-parser-edit | 1.205.1, 1.205.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/logscale-search | 1.205.2 | Credential Stealer | Removed from registry [5] |
| @crowdstrike/tailwind-toucan-base | 5.0.2 | Credential Stealer | Removed from registry [5] |
| debug | N/A | Crypto Hijacker | Removed from registry [2] |
| chalk | N/A | Crypto Hijacker | Removed from registry [2] |
| 16 other utilities | N/A | Crypto Hijacker | Removed from registry [3] |

3. The Core Vulnerability: Unchecked Trust

These attacks highlight a critical security gap: the trust we place in open-source projects [2]. Because developers cannot manually inspect every line of code they use, a single phishing attack on a maintainer can have a disproportionately large impact [3]. This vulnerability is amplified when an innocent-looking utility package becomes a vector for a highly targeted attack [1]. The only way to counter this is by shifting from a model of blind trust to one of active verification and constant vigilance.

4. What You Can Do Now

These attacks affect everyone, from cryptocurrency users to large corporations. Here are some immediate actions you should take to protect yourself.

For Individuals and Crypto Users:

  • Protect Your Assets: For cryptocurrency, use a hardware wallet or cold storage to keep your private keys offline and out of reach of browser-based malware [6].
  • Stay Secure: Enable 2FA on all your important accounts and be skeptical of any unexpected login or password reset requests [6].

For Developers and Businesses:

  • Scan Your Codebase: Immediately check your package-lock.json or yarn.lock files to see if you are using any of the compromised packages [2].
  • Enable MFA: Enforce multifactor authentication on all npm accounts and developer tools to prevent account takeovers [2].
  • Manage Credentials: If any tokens or API keys were exposed, rotate them immediately [5].
  • Embrace SBOMs: Generate a Software Bill of Materials (SBOM) for your projects to maintain a complete and transparent record of all your dependencies, making it easier to respond to vulnerabilities [2].

5. Conclusion: A Call for Shared Responsibility

The September 2025 npm attacks are a pivotal moment for the software community. They prove that attackers are becoming more strategic, aiming to compromise the very foundations of our digital world [6]. A perimeter-based security approach is no longer enough [2]. By adopting a proactive security posture—built on visibility, automated detection, and a culture of shared responsibility—we can build a more resilient ecosystem together [1].

Appendix: Technical Indicators of Compromise (IoCs)

| Indicator of Compromise (IoC) | Type | Source |
|---|---|---|
| 46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09 | Malicious bundle.js SHA-256 hash | [5] |
| 0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976 | Attacker Ethereum address | [3] |
| stealthProxyControl, runmask, newdlocal, checkethereumw | Suspicious global variables & functions | [3] |
| npmjs.help | Malicious domain | [3] |

Works cited

  1. What Is a Supply Chain Attack? – CrowdStrike, accessed September 16, 2025, https://www.crowdstrike.com/en-us/cybersecurity-101/cyberattacks/supply-chain-attack/
  2. The recent npm supply chain attack: Lessons in securing your software dependencies – Black Duck, accessed September 16, 2025, https://www.blackduck.com/blog/recent-npm-software-supply-chain-attack-security-lessons.html
  3. npm Supply Chain Attack: Massive Compromise of debug, chalk, and 16 Other Packages, accessed September 16, 2025, https://www.upwind.io/feed/npm-supply-chain-attack-massive-compromise-of-debug-chalk-and-16-other-packages
  4. Defending Against Software Supply Chain Attacks – CISA, accessed September 16, 2025, https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508_1.pdf
  5. CrowdStrike npm Packages Compromised in Ongoing Supply Chain …, accessed September 16, 2025, https://cybersecuritynews.com/npm-supply-chain-attack-crowdstrike/
  6. NPM Supply Chain Attack 2025: Crypto & Cybersecurity Risks – Dynamis LLP, accessed September 16, 2025, https://www.dynamisllp.com/knowledge/npm-supply-chain-attack-crypto-security-2025
