Threat Research

    In March 2026, Anthropic accidentally exposed the full source code of its Claude Code AI agent through a misconfigured npm package that included a large JavaScript source map file. The leak revealed hundreds of thousands of lines of unobfuscated code, exposing internal architecture, agent orchestration logic, and security-related components....
    Axios, a popular JavaScript HTTP client with massive weekly downloads, was compromised after an attacker took over the lead maintainer’s npm account. They released two malicious versions (1.14.1 and 0.30.4) embedding a cross-platform remote access trojan (RAT)....
    A software supply chain attack targeted the widely used axios NPM package by injecting a malicious dependency, plain-crypto-js, into specific versions, impacting millions of users. The malicious code acted as an obfuscated dropper that deployed the WAVESHAPER.V2 backdoor across Windows, macOS, and Linux systems....
    In November 2025, three malicious npm packages—bitcoin-main-lib, bitcoin-lib-js, and bip40—were identified. These packages were engineered to deploy a previously unknown remote access trojan (RAT) malware family. The malware, dubbed NodeCordRAT, propagates through npm and leverages Discord servers for command-and-control (C2) communications....
    The team investigated a renewed npm-focused compromise known as Shai-Hulud 2.0, first revealed in early November 2025. This campaign is far larger than before, impacting tens of thousands of GitHub repositories, including over 25,000 malicious repos tied to roughly 350 unique users....
    On September 8, 2025, a threat actor hijacked the NPM account of developer “qix” (Josh Junon) through a phishing email impersonating NPM Support. After stealing credentials via a fake NPM login page, the attacker injected a JavaScript clipper into 20 popular NPM packages, redirecting cryptocurrency transactions to attacker-controlled wallets....
    A North Korea-aligned group, Famous Chollima, is using fake job offers to lure victims into installing malware. In a recent case, a trojanized Node.js app called Chessfi was distributed via the NPM package node-nvm-ssh. The group’s tools, BeaverTail and OtterCookie, have evolved by merging functionalities and adding a new JavaScript module for keylogging and taking screenshots....
    Software supply chain attacks are surging, as seen in the "Shai-Hulud" worm targeting npm. Attackers are harvesting developer credentials to publish malicious packages. This highlights the need for strong authentication and strict access controls. A defense-in-depth strategy with monitoring and threat detection is vital....
    On September 15, attackers launched a targeted phishing campaign to compromise NPM maintainer accounts and inject malicious code into popular JavaScript packages. The attack enabled supply chain compromise, affecting key packages used in application development and cryptography....