Developer Tools Under Attack: How NPM Package Hacks Are Changing Cybersecurity

Markets 09/09/2025 10:52


The software world faced a wake-up call in 2025 when hackers started targeting the building blocks that developers use to create websites and apps.

These attacks hit NPM packages – small pieces of code that millions of programmers rely on daily. The consequences reached far beyond individual computers, affecting entire companies and their customers.

The Biggest Attack Yet

On August 26, 2025, cybercriminals pulled off what security experts call a breakthrough attack. They compromised the Nx build system, a popular tool downloaded 4 million times each week. But this wasn’t just another hack – it was the first time attackers used artificial intelligence tools against their victims.

The malicious code searched for valuable information like passwords, cryptocurrency wallets, and access tokens. Then it did something new: it commanded AI tools like Claude, Gemini, and Q to help scan computers for sensitive files. Security firm Wiz reported that attackers stole over 1,000 GitHub tokens and roughly 20,000 files from victims.

The attack lasted just over five hours before the community spotted it. During that time, the malware created public repositories on GitHub with names starting with “s1ngularity-repository” to store stolen data. Even after the initial cleanup, a second wave hit when attackers used the stolen credentials to make private company repositories public.

How the Attacks Work

These supply chain attacks target the trust that exists in the coding community. Developers routinely download and use code packages created by others. When hackers compromise these packages, they can reach thousands of computers at once.

The attacks typically start with phishing emails that trick package maintainers into giving up their login credentials. In July 2025, attackers used a fake website that looked like the real NPM registry to steal passwords. They then uploaded malicious versions of popular packages like eslint-config-prettier, which gets downloaded 30 million times per week.

Another common method involves North Korean hackers who pose as recruiters on LinkedIn. They send job seekers coding assignments that contain hidden malware. Socket, a security company, found 35 malicious packages connected to this scheme.

Recent Incidents Show Growing Threat

The attacks keep getting bigger and more sophisticated. On September 8, 2025, fundamental packages like chalk, debug, and ansi-styles were compromised. These packages have a combined 2 billion weekly downloads, making it one of the largest supply chain attacks ever recorded.

[Image: Developer Tools Under Attack. Source: @P3b7_]

Earlier incidents throughout 2025 showed different attack methods. The error-ex package, downloaded 47 million times weekly, had malicious code that tried to steal cryptocurrency. The compromised version 1.3.3 contained heavily disguised code designed to detect and steal digital wallets.

Security researchers have identified patterns in these attacks. Many target cryptocurrency-related data, while others focus on stealing developer credentials that can be used for future attacks. The scope keeps expanding as attackers find new ways to abuse the trust between developers and the packages they use.

Industry Fights Back

The technology industry responded quickly to these threats. GitHub disabled thousands of malicious repositories within hours of discovery. NPM, the main package registry, now requires two-factor authentication for maintainers of popular packages and has moved to trusted publishing methods.

Security companies developed new tools to catch these attacks faster. CrowdStrike’s platform successfully blocked the Scavenger malware using machine learning and behavioral analysis. Socket created AI-powered scanners that can spot suspicious packages before they cause damage.

The developer community also stepped up. Community members now watch for suspicious package updates and report them quickly. During the Nx attack, volunteers alerted the development team within two hours of the malicious packages going live.

Protecting Against Future Attacks

Developers and companies can take several steps to protect themselves. Using npm ci instead of npm install in automated systems installs exactly the versions recorded in the lockfile, so a newer, potentially malicious release cannot sneak in.

Pinning specific package versions and regularly auditing dependencies helps catch problems early. Tools like Snyk and Dependabot can automatically scan for known security issues and suggest fixes.

Companies should also implement cooldown periods for new packages. StepSecurity introduced automatic checks that block pull requests containing recently published packages, giving time for the community to vet new releases.
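The lockfile, pinning, audit and cooldown steps above can be folded into one check that a CI job runs before `npm ci`. The following is an added example, not code from the article or from any of the tools it names (Snyk, Dependabot, StepSecurity). The package names, versions, dates and registry data are constructed stand-ins, and the publish-time lookup assumes the registry's per-package `time` metadata has already been fetched into a plain object.

```javascript
// Added example: pre-install dependency hygiene checks for a Node.js project.
// All inputs below are constructed stand-ins for package.json, package-lock.json
// and the registry's per-version publish times; nothing here is fetched from the network.

const SEMVER_EXACT = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?$/;
const MS_PER_DAY = 24 * 60 * 60 * 1000;

// Constructed package.json: one exact pin and two floating ranges.
const packageJson = {
  dependencies: { "demo-colors": "5.3.0", "demo-debug": "^4.3.4" },
  devDependencies: { "demo-linter": "~9.0.0" },
};

// Constructed package-lock.json in the lockfileVersion 3 layout; integrity values are placeholders.
const packageLock = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "demo-colors": "5.3.0", "demo-debug": "^4.3.4" }, devDependencies: { "demo-linter": "~9.0.0" } },
    "node_modules/demo-colors": { version: "5.3.0", resolved: "https://registry.example/demo-colors-5.3.0.tgz", integrity: "sha512-PLACEHOLDER" },
    "node_modules/demo-debug": { version: "4.4.9", resolved: "https://registry.example/demo-debug-4.4.9.tgz", integrity: "sha512-PLACEHOLDER" },
    "node_modules/demo-linter": { version: "9.0.2", resolved: "https://registry.example/demo-linter-9.0.2.tgz" }, // integrity missing
  },
};

// Constructed publish times, shaped like the `time` object in npm registry package metadata.
const registryTime = {
  "demo-colors": { "5.3.0": "2023-06-26T00:00:00Z" },
  "demo-debug": { "4.3.4": "2022-03-17T00:00:00Z", "4.4.9": "2025-09-08T16:00:00Z" },
  "demo-linter": { "9.0.2": "2025-08-20T00:00:00Z" },
};

// Constructed timestamp of the pipeline run.
const NOW = new Date("2025-09-09T10:00:00Z");

// 1. Ranges such as ^ and ~ let `npm install` float to a newer, possibly malicious release.
function unpinnedDependencies(pkg) {
  const specs = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
  return Object.entries(specs)
    .filter(([, spec]) => !SEMVER_EXACT.test(spec))
    .map(([name, spec]) => ({ name, spec }));
}

// 2. `npm ci` refuses to run when the lockfile root disagrees with package.json; catch that early.
function lockfileMatchesManifest(pkg, lock) {
  const root = lock.packages[""] || {};
  for (const field of ["dependencies", "devDependencies"]) {
    const want = pkg[field] || {};
    const have = root[field] || {};
    const names = new Set([...Object.keys(want), ...Object.keys(have)]);
    for (const name of names) if (want[name] !== have[name]) return false;
  }
  return true;
}

// 3. Cooldown: flag locked versions published fewer than `cooldownDays` ago.
//    A version with no known publish time is also flagged, since it cannot be vetted.
function recentlyPublished(lock, times, now, cooldownDays) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages)) {
    if (path === "") continue;
    const marker = "node_modules/";
    const name = path.slice(path.lastIndexOf(marker) + marker.length); // keeps @scope/name intact
    const published = times[name] && times[name][entry.version];
    if (!published) { hits.push({ name, version: entry.version, ageDays: null }); continue; }
    const ageDays = (now - new Date(published)) / MS_PER_DAY;
    if (ageDays < cooldownDays) hits.push({ name, version: entry.version, ageDays: Math.floor(ageDays) });
  }
  return hits;
}

// 4. Every resolved tarball should carry an integrity hash so a swapped tarball fails `npm ci`.
function missingIntegrity(lock) {
  return Object.entries(lock.packages)
    .filter(([path, entry]) => path !== "" && !(entry.integrity && entry.resolved))
    .map(([path]) => path);
}

// Combine the checks into one report; a CI step would fail the build when `ok` is false.
function report(pkg = packageJson, lock = packageLock, times = registryTime, now = NOW, cooldownDays = 7) {
  const findings = {
    unpinned: unpinnedDependencies(pkg),
    lockfileInSync: lockfileMatchesManifest(pkg, lock),
    insideCooldown: recentlyPublished(lock, times, now, cooldownDays),
    missingIntegrity: missingIntegrity(lock),
  };
  findings.ok = findings.lockfileInSync && findings.insideCooldown.length === 0 && findings.missingIntegrity.length === 0;
  return findings;
}

console.log(JSON.stringify(report(), null, 2));
```

With the constructed data the report flags `demo-debug@4.4.9`, published the day before the build, as inside the seven-day cooldown, and `demo-linter` for lacking an integrity hash, so the build would stop before any install ran.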

The Road Ahead

The attacks on NPM packages represent a shift in how cybercriminals operate. Instead of targeting individual companies, they allegedly compromise the shared infrastructure that everyone depends on. The reported use of AI tools for reconnaissance shows attackers are adapting to new technologies.

However, the community’s response demonstrates that the open-source ecosystem can adapt and strengthen its defenses. Enhanced monitoring, better authentication, and improved collaboration between security firms and package registries are making these attacks harder to execute and easier to detect. While the threat continues to grow, so does the industry’s ability to respond effectively.
