The npm ecosystem has suffered an unprecedented supply-chain attack.  Aikido Security uncovered that attackers compromised a trusted maintainer’s account to inject malware into widely used packages. According to BleepingComputer, these packages accounted for 2.6 billion weekly downloads, making this the largest npm compromise in history.

Attack Overview

The attackers initiated a phishing campaign posing as npm support. The phishing mail referenced fake security updates, threatening account lockout if Two-Factor Authentication was not refreshed. This led the maintainer to inadvertently grant access, allowing the attackers to push malicious code into the npm registry via legitimate versions.

List of Affected Packages

At the time of this writing, BleepingComputer confirms that the attack affected packages with over 2.6 billion weekly downloads. Here’s a list of the affected packages and their versions

backslash - 0.2.1

chalk-template - 1.1.1

supports-hyperlinks - 4.1.1

has-ansi - 6.0.1

simple-swizzle - 0.2.3

color-string - 2.1.1

error-ex - 1.3.3

color-name - 2.0.1

is-arrayish - 0.3.3

slice-ansi - 7.1.1

color-convert - 3.1.1

wrap-ansi - 9.0.1

ansi-regex - 6.2.1

supports-color - 10.2.1

strip-ansi - 7.1.1

chalk - 5.6.1

debug - 4.4.2

ansi-styles - 6.2.2

Why This Attack is So Alarming

• Unprecedented scale: Billions of weekly downloads “poisoned” critical parts of the JavaScript ecosystem.
• Deep, automatic infiltration: Many projects installed the compromised code through downstream dependencies, CI/CD pipelines, or build tools they never directly managed.
• Static scans fall short: Tools that only flag package presence on disk cannot distinguish whether the malicious version actually ran – creating a flood of alerts with unclear impact.

What Does the Malware Actually Do?

The malicious payload was engineered to execute in the client’s browser and carry out the following actions:

• Intercepts crypto and web3 activity by injecting code that monitors wallet APIs (such as window.ethereum)
• Silently manipulates wallet interactions, including transaction requests and approvals, without the user’s awareness
• Rewrites payment destinations, redirecting funds and approvals to attacker-controlled addresses, all while preserving a seemingly normal user interface

Essentially stealing transactions from crypto wallets. Individuals and companies that perform crypto transactions should be especially aware.

How Sweet Security Delivers Runtime-Aware Defense

Sweet provides runtime vulnerability management, among other features like Detection & Response, API Security and Identity Management. That means we detect packages not just based on what files are present on your disk but on what actually executes in your environment.

Benefits include:

• Precise alerts: We notify you only when compromised code is running, reducing noise from unused or benign files
• Contextual clarity: Easily see which workloads, containers, or services triggered the alert and what part of the code was executed
• Faster response: You can immediately isolate affected components and contain threats without sifting through false positives
• Better prioritization: You can respond to threats that truly matter, not to every passive listing in your codebase

Mitigation

1. Update dependencies: Upgrade to the latest safe versions of affected packages and pin them where possible
2. Rebuild clean: Clear caches and rebuild from trusted sources to avoid pulling compromised code
3. Audit behavior: Check for suspicious install scripts, unusual network activity, or obfuscated code
4. Monitor at runtime: Use runtime-aware tools to detect if malicious code actually executes in your environment

Wider Context and Related Attacks

This npm incident joins a troubling trend of increasingly sophisticated attacks on package ecosystems:

• In June, Aikido uncovered a separate supply-chain attack targeting Gluestack @react-native-aria packages, 17 of which (e.g. @react-native-aria/focus, @react-native-aria/checkbox) were injected with obfuscated remote-access trojans. These packages alone had over 1 million weekly downloads.
• Earlier in July, a phishing campaign compromised JavaScript type-testing utilities including the popular eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, and napi-postinstall. The backdoor executed malware via post-install scripts.
• Shortly afterward, the fundamental utility library is (downloaded 2.8 million times per week) was also compromised, with versions 3.3.1 through 5.0.0 briefly serving a WebSocket-based backdoor capable of remote code execution.

These patterns reveal a persistent, evolving strategy by attackers: compromise trusted maintainers, inject post-install or execution-time malware, and exploit the reach of widely used packages.

Conclusion

This massive npm compromise confirms that the software supply chain remains a favored attack vector for adversaries. Static detection and disk-based scanning no longer suffice.

With Sweet Security, you benefit from real-time visibility into what actually runs in your systems. When trusted libraries turn malicious overnight, runtime awareness is your most powerful defense.

‍

To learn more about Sweet Security's runtime sensor, book a demo today.