
Open Source Supply Chain Attacks Are Not Slowing Down

Today alone, there were compromises across PyPI, npm, and Docker Hub. These attacks impacted the Xinference PyPI package, multiple Namastex.ai npm packages, and the official Checkmarx KICS Docker image.

Here is a brief breakdown of the activity.

Xinference PyPI: Attackers hijacked the legitimate release line and injected a payload that conducts host reconnaissance and exfiltrates secrets upon import.

Namastex.ai npm: Malicious packages contained install-time malware designed to harvest developer secrets and self-propagate by extracting npm tokens.

Checkmarx KICS: Malicious images pushed to the official Docker Hub repository and manipulated VS Code extensions silently downloaded a payload to harvest cloud and developer credentials.

TeamPCP claimed responsibility for the Checkmarx compromise but has denied involvement in the Xinference compromise. These campaigns will become clearer in the coming days. Regardless of the actor, organizations should review their environments for these dependencies.

Investigate for any exposure and rotate any potentially compromised credentials. As threat actors increasingly target developer tooling and CI/CD pipelines, supply chain defense should be top of mind for defenders.
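One way to run the dependency review recommended above, as an added example (not code from the original post or from any affected project): it walks a source checkout and flags manifests that reference the `xinference` PyPI package, the `checkmarx/kics` image, or a watched npm name. The names in `WATCH` are assumptions, the npm entry is a placeholder because the post lists no package names, and matching is by name only because the post gives no affected versions.

```python
import json, os, re

# Names for the artifacts the post mentions (assumed public names). The npm entry
# is a placeholder: the post does not list the affected Namastex.ai packages.
WATCH = {"pypi": {"xinference"}, "image": {"checkmarx/kics"},
         "npm": {"<namastex-package-name>"}}
MANIFEST = r"requirements.*\.txt|package(-lock)?\.json|Dockerfile.*|.*\.ya?ml"

def norm_name(name):  # PEP 503: Xinference, xinference compare equal
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_file(path, watch=WATCH):  # -> [(ecosystem, name, detail), ...]
    base, hits = os.path.basename(path), []
    if not re.fullmatch(MANIFEST, base):
        return hits  # only open files that can declare a dependency
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    if base.endswith(".txt"):
        for line in text.splitlines():
            m = re.match(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)", line)
            if m and norm_name(m.group(1)) in watch["pypi"]:
                hits.append(("pypi", norm_name(m.group(1)), line.strip()))
    elif base.endswith(".json"):
        try:
            doc = json.loads(text)
        except ValueError:
            return hits  # unreadable manifest: nothing to report from it
        found = {}
        for key in ("dependencies", "devDependencies", "optionalDependencies"):
            for n, v in (doc.get(key) or {}).items():
                found[n] = v if isinstance(v, str) else v.get("version", "?")
        for p, meta in (doc.get("packages") or {}).items():  # lockfile v2/v3
            if "node_modules/" in p:
                found[p.rsplit("node_modules/", 1)[1]] = meta.get("version", "?")
        hits += [("npm", n, v) for n, v in sorted(found.items()) if n in watch["npm"]]
    else:  # Dockerfile*, or YAML such as compose files and CI workflows
        pat = r"(?im)^\s*(?:FROM(?:\s+--\S+)*|-?\s*image:)\s+[\"']?([^\s\"']+)"
        for ref in re.findall(pat, text):
            repo = re.sub(r":[^/:]*$", "", ref.split("@")[0])  # drop digest, tag
            if any(repo == n or repo.endswith("/" + n) for n in watch["image"]):
                hits.append(("image", repo, ref))  # endswith also catches mirrors
    return hits

def scan_tree(root, watch=WATCH):  # -> [(relative path, hit), ...]; skips .git
    out = []
    for d, dirs, files in os.walk(root):
        dirs[:] = sorted(x for x in dirs if x != ".git")
        for f in sorted(files):
            full = os.path.join(d, f)
            out += [(os.path.relpath(full, root), h) for h in scan_file(full, watch)]
    return out
```

A hit means the dependency is referenced, not that a malicious release was installed; use it to decide which hosts, pipelines and credentials to investigate and rotate.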

Attacks continued with Bitwarden the same day: BleepingComputer / Socket report.




Originally posted on LinkedIn