StepSecurity

205 posts

StepSecurity banner
StepSecurity

StepSecurity

@step_security

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner

Katılım Kasım 2021
23 Takip Edilen947 Takipçiler
Sabitlenmiş Tweet
StepSecurity
StepSecurity@step_security·
🚨 Last week, North Korean state actors hijacked axios on npm. 300M+ weekly downloads. Turned into a remote access trojan. We just published the behind-the-scenes story of how we detected it, fought the threat actor in real time, and helped the community respond.
English
4
11
38
5.3K
StepSecurity
StepSecurity@step_security·
🚨 Another supply chain attack is showing why "verified provenance" isn't the same as "safe." 📦 Three packages from the AsyncAPI generator monorepo are live on npm right now carrying an obfuscated malware dropper: • @asyncapi/generator@3.3.1 • @asyncapi/generator-helpers@1.1.1 • @asyncapi/generator-components@0.7.1 🔑 Here's what makes this one different. The attacker didn't steal an npm token. They pushed a single malicious commit to a branch called "next" and let the project's own CI/CD do the rest. ⚙️ That push auto-triggered AsyncAPI's release-with-changesets.yml workflow. Few seconds later, GitHub Actions ran the release pipeline on refs/heads/next and published all three packages through npm's OIDC trusted-publisher flow. Every package ships with valid SLSA provenance attestations. ✅ The provenance is real. The sigstore certificate correctly records the repo, the workflow, the ref, the commit, and the Actions run. It proves exactly which pipeline built the package. It just can't prove the commit that fed the pipeline was safe. 🕵️ The payload itself is quiet by design. No install script. It fires when the poisoned module is require()d during a normal build, spawns a hidden detached Node process, and pulls a second-stage credential stealer from an IPFS gateway, then exits cleanly with no error. 🧹 After the packages were released, the attacker deleted both the workflow run and the "next" branch, wiping the most obvious traces of how the publish happened. stepsecurity.io/blog/compromis…
English
0
12
22
2K
StepSecurity
StepSecurity@step_security·
🚨 jscrambler npm package is compromised 🚨 On July 11, 2026, version 8.14.0 of jscrambler, the official CLI for Jscrambler's Code Integrity API, was published to npm with a malicious preinstall hook. With a clean history back to 0.1.0 and common use in CI/CD pipelines, it's a high-value supply chain target. What makes this one nasty: the payload isn't JavaScript. It's a Rust-compiled native binary hidden inside a 7.8 MB file disguised as dist/intro.js. On install, the preinstall loader drops a platform-matched binary and spawns it detached from the install tree. It's a cross-platform credential and crypto-wallet stealer, targeting browser credential stores, MetaMask, and seed phrases. How StepSecurity customers were already protected: 👉 Our OSS AI Package Analyst flagged 8.14.0 with a maximum suspicion score on publish. 👉 Secure Registry's cooldown held the release before serving it, so customers were never exposed. 👉 Harden-Runner captured the binary's outbound calls and added them to our global block list. 👉 GitHub Actions checks fail PRs that introduce known-compromised or recently-published packages during the cooldown window, blocking the merge automatically. 👉 npm Package Search finds where a compromised package landed across CI/CD, code repositories, and pull requests, so teams can instantly see the blast radius. 👉 Dev Machine Guard lets teams instantly find impacted devices by package and version. If you installed 8.14.0: treat the host as compromised. Downgrade to 8.13.0, rotate all browser credentials on that machine, and audit crypto wallet extensions. Checkout our blog post for technical analysis, IoCs, and community/enterprise recovery steps: stepsecurity.io/blog/jscramble…
English
0
3
16
1.5K
StepSecurity
StepSecurity@step_security·
🚨 Recent supply chain attacks like Hades have been creating rogue GitHub Actions workflows to exfiltrate CI/CD credentials. Then they delete the workflow run and the branch, so there is no evidence left. 👻 Because there is no evidence, you may have been compromised and not even know it. 🔍 The attack in 5 steps: 1️⃣ Compromise a developer credential (stolen PAT or OAuth token) 2️⃣ Push a workflow file with a harmless name like copilot.yml 3️⃣ The push triggers the workflow run automatically 4️⃣ toJSON(secrets) dumps every repo and accessible org secret 5️⃣ Delete the run and the branch. No build logs, no branch, no evidence. 🚫 Branch protection and code review do not catch this. There is no pull request, so there is no reviewer in the loop. 🛡️ StepSecurity is the only solution that can both prevent and detect this attack type. The Secret Exfiltration Policy flags the unapproved workflow and cancels the run before it starts, so your secrets are never exposed, and you get alerted that a developer credential has been compromised. ⚠️ We expect most supply chain attacks to use this pattern going forward. If you use GitHub Actions, check out this blog post stepsecurity.io/blog/introduci…
English
0
6
13
907
StepSecurity
StepSecurity@step_security·
🚀 StepSecurity Maintained Actions Are Now Free for Public Repos! ⚠️ GitHub Actions are incredibly powerful, but third-party actions come with real supply chain risk. Many popular actions have been abandoned, archived, or compromised. Last year, the tj-actions/changed-files incident (CVE-2025-30066) exposed secrets across 23,000+ repositories. That was a wake-up call for the entire ecosystem. 🛡️ StepSecurity Maintained Actions are secure, drop-in replacements for risky third-party actions. They go through manual review, static analysis, AI-assisted review, and follow strict security practices for release management. 📈 With 500 maintained actions in our catalog, and the number growing every day, they are designed to be API-compatible with the originals, meaning you can switch with a simple find-and-replace in your workflow files, with no other changes required. 🚀 Until now, these were exclusive to our enterprise customers. But when we made step-security/changed-files free after the tj-actions incident, 3,000+ open-source projects and thousands of enterprises adopted it. The demand was clear. 💙 StepSecurity has always been community-first. Harden-Runner is free for public repos (used by 15,000+ open-source projects). SecureRepo is free for public repos (used by 22,000+ repositories). Today, we’re extending that same principle to Maintained Actions. ✅ 500 actions available today and will progressively roll out more. If your open-source project uses third-party actions that are abandoned or archived, check if we have a secure replacement. stepsecurity.io/blog/stepsecur…
English
0
1
9
595
StepSecurity
StepSecurity@step_security·
🚨 Four @immobiliarelabs Backstage plugins were compromised on npm today. 📦 Affected packages: @immobiliarelabs/backstage-plugin-gitlab @immobiliarelabs/backstage-plugin-gitlab-backend @immobiliarelabs/backstage-plugin-ldap-auth @immobiliarelabs/backstage-plugin-ldap-auth-backend ⚡ 22 malicious versions published within a 30-second window, inserted as patch releases across every major release series simultaneously. 🪝 The payload fires through a binding.gyp hook at install time, not a postinstall script. It downloads the Bun runtime from GitHub, then runs a 5MB obfuscated payload using Bun. 🔑 It then sweeps the machine for credentials across AWS, GCP, Azure, HashiCorp Vault, Kubernetes, npm, PyPI, RubyGems, JFrog, GitHub personal access tokens, 1Password, and SSH keys. 🤖 And it rewrites AI coding assistant configs. Claude Code, GitHub Copilot, Cursor, VS Code... An infectHost function injects hooks that run attacker-controlled code on every session start. Removing the package does not undo this. Any developer who ran npm install on a compromised version may still be executing malicious instructions every time they open their editor. 🏭 In a CI/CD pipeline, the payload also locates the GitHub Actions Runner.Worker process and reads /proc/{pid}/mem directly to extract secrets that are masked in workflow logs. 📤 Stolen credentials are encrypted and committed to GitHub repositories via the GitHub GraphQL API using the victim's own token. 🔗 This is the same technique used in the Miasma campaign earlier this month, which compromised 57 packages across 286 versions with approximately 13,600 weekly downloads. 🛡️ For StepSecurity customers, here is what protects you: 🔔 Threat Center delivered an alert with full attack details, IOCs, affected packages, and remediation steps directly into your SIEM before most teams knew this happened. 🏃 Harden-Runner detected the anomalous process memory read on the GitHub Actions runner and triggered lockdown mode, terminating the workflow run before any secrets were extracted. 🧊 Secure Registry customers were protected by the package cooldown feature, which delays newly published versions before serving them. 💻 Dev Machine Guard gives you visibility into which enrolled developer machines have the compromised package versions installed, so you know exactly which machines need remediation. 🔍 npm Package Compromised Updates Check blocked any pull request attempting to introduce a known compromised version, and npm Package Search lets you find the blast radius across every repo, PR, and branch in your tenant right now. stepsecurity.io/blog/immobilia…
English
2
5
16
852
StepSecurity
StepSecurity@step_security·
🚨 Another GitHub Action compromised today: simonecorsi/mawesome This is the second action compromise we are tracking today, and it uses the same technique as the earlier codfish/semantic-release-action incident. Almost certainly the same attacker. 🔁 A few things from the earlier compromise that are worth highlighting, because they change how defenders should think about this class of attack: 🏷 The attacker published the major version tags, including v5, as immutable tags pointing at the malicious commit. Once a tag is marked immutable on GitHub, it cannot be moved. 💻 The malicious code does not stop at exfiltrating CI/CD credentials. It also writes malicious VS Code settings and Cursor rules files into every branch of the repository. Any developer who later clones this repo and opens it in VS Code or Cursor will silently execute the attacker's payload, turning a CI/CD compromise into a developer machine compromise. 🎯 This is a pattern we are seeing more and more: a single supply chain compromise designed to hit both CI/CD runners AND developer workstations. ⏱ Also worth noting: the earlier codfish/semantic-release-action repository is still in a compromised state nearly 9 hours after the initial compromise was identified. The malicious commits and immutable tags have not been remediated. Anyone running the action today is still pulling the attacker's code. 🛡 StepSecurity customers are protected on multiple fronts: 🚫 The Compromised Actions Policy has been updated to block simonecorsi/mawesome (and codfish/semantic-release-action). Workflows referencing either action are blocked before they execute. ⛔ StepSecurity Harden Runner blocks both compromised actions at runtime. The malicious payload reads memory from the Runner.Worker process to harvest CI/CD secrets, a behavior Harden Runner detects and prevents on every protected workflow, regardless of which action introduces it. 🧰 Dev Machine Guard now includes a recently shipped capability that detects suspicious IDE extension settings and rules files (VS Code settings.json, Cursor rules, etc.) dropped into repositories on developer machines. This is exactly the persistence mechanism this attacker is using. ✅ If you use either action: stop using it immediately, pin to a known good commit SHA from before the compromise, rotate any secrets exposed to recent workflows, and check developer machines that have cloned these repositories for the dropped IDE config files. stepsecurity.io/blog/simonecor…
English
0
10
30
13.9K
StepSecurity
StepSecurity@step_security·
🚨 The GitHub Action codfish/semantic-release-action has been compromised 🏷 Some tags in the repository have been rewritten to point to an imposter commit that exfiltrates CI/CD credentials. Any workflow that references this action by version tag will pull the malicious code on its next run. 🧠 The malicious code reads memory from the Runner.Worker process to harvest CI/CD secrets in flight, then exfiltrates them to attacker controlled infrastructure. 🛡 StepSecurity customers are already protected in multiple ways: 🚫 The Compromised Actions Policy has been updated to block use of codfish/semantic-release-action. For customers with the policy enabled, any workflow run referencing this action is blocked before it executes. ⛔ StepSecurity Harden Runner immediately blocks this action at runtime because it attempts to read the Runner.Worker process memory, a behavior Harden Runner detects and prevents on every protected workflow. stepsecurity.io/blog/supply-ch…
English
0
5
20
1.2K
StepSecurity
StepSecurity@step_security·
🛡️ Announcing Dev Machine Guard Suspicious File Detection: StepSecurity enterprise customers can now quickly detect developer machines compromised by Miasma and Hades, across their entire fleet. ⏱️ Three waves in five days. 57 npm packages hit June 3. Microsoft's Azure GitHub orgs June 5. Hades on PyPI June 8. 🪱 These worms execute the moment a project is opened. A planted .vscode/tasks.json auto-runs in VS Code. Hooks do the same in Claude Code (.claude/setup.mjs), Cursor, Codex, and Gemini. No install needed. ⚠️ EDR misses it: the execution chain is your own trusted tooling, and the payload reads secrets from process memory. No malware binary to fingerprint. 🔍 Detection rules are written and continuously updated by our research team, first to report multiple waves of this campaign. Nothing to tune. ✅ Running Dev Machine Guard? Open Suspicious Files in your dashboard now and check your fleet. 👉 Full details: stepsecurity.io/blog/miasma-an…
English
0
3
9
744
StepSecurity
StepSecurity@step_security·
🚨 Pythagora-io/gpt-pilot (33K stars) was compromised today. An attacker hijacked a co-founder's GitHub account and force-pushed a Shai-Hulud credential stealer to main. The unlikely hero? ruff, the Python linter, blocked the malicious code twice. The attacker gave up. Full analysis: stepsecurity.io/blog/pythagora…
English
1
12
36
2.2K
StepSecurity
StepSecurity@step_security·
🚨 Breaking: npm supply chain worm spreading via binding.gyp, bypassing install hook detection. Steals npm/GitHub/AWS/GCP/Azure credentials and publishes poisoned versions of packages you maintain. Actively investigating. Affected packages and analysis: stepsecurity.io/blog/binding-g…
English
0
26
72
12.6K
StepSecurity
StepSecurity@step_security·
🚨 Breaking: 31 npm packages from @RedHat have been compromised. 100,000+ weekly downloads affected. The upstream CI/CD pipeline was compromised, with all packages published via GitHub Actions OIDC. The payload: ⚠️ Reads GitHub Actions runner process memory to extract masked secrets ⚠️ Sweeps credentials across AWS, GCP, Azure, K8s, Vault, and npm ⚠️ Self-propagating worm that republishes backdoored packages using stolen npm tokens, bypassing 2FA ⚠️ Persists on dev machines via Claude Code settings hijack and VS Code task injection ⚠️ Exfiltrates data through GitHub API commits, blending in with normal git operations We have responsibly disclosed the incident to the maintainers. Full technical analysis: stepsecurity.io/blog/multiple-…
English
4
72
211
64.1K
StepSecurity
StepSecurity@step_security·
🚨 Active npm supply chain attack. 143 packages compromised in a single coordinated wave across the AntV (Alibaba) data visualization ecosystem, plus echarts-for-react, timeago.js, jest-canvas-mock, and others. Some ship over a million downloads per month. 🛡️ The C2 domain sits on the same infrastructure used in the actions-cool/* GitHub Actions compromise we reported earlier today. Every StepSecurity Harden-Runner customer, community tier and enterprise, was protected from second zero of this incident via our global block list. 🚨 We pushed a Threat Center alert to all StepSecurity enterprise customers with detection queries and remediation steps. Here's how StepSecurity Enterprise customers are protected at every stage of the software development pipeline: ⚙️ CI/CD pipelines 1️⃣ Outbound connections to the C2 domain are blocked automatically 2️⃣ Runner.Worker memory read detection flags attempts to dump CI/CD secrets 📦 Code Repositories 1️⃣ npm package search detects compromised packages in default branches and pull requests 2️⃣ npm cooldown and compromised package GitHub checks automatically block pull requests from being merged 💻 Dev Machine Guard 1️⃣ npm package search detects compromised packages installed on developer machines. 🔒 For all stages, StepSecurity Secure Registry blocks these compromised packages from even reaching your environment in the first place. stepsecurity.io/blog/compromis…
English
0
10
32
2.4K
StepSecurity
StepSecurity@step_security·
🚨 ACTIVE SUPPLY CHAIN ATTACK 🚨 The actions-cool/issues-helper GitHub Action is compromised. Every existing tag in the repo now points to an imposter commit that: ⬇️ Downloads the bun JS runtime 🧠 Reads Runner.Worker process memory to harvest CI/CD secrets in flight 📡 Exfiltrates credentials to t.m-kosche[.]com Any workflow referencing this action by version will pull the malicious code on its next run. If you use it: stop immediately, pin to a known-good commit SHA from before the compromise, and rotate any secrets exposed to recent runs. StepSecurity customers are already protected: 🛡 Real-time Threat Center alert with "Am I Affected?" links for every workflow and every runner that has talked to the IOC domain 🚫 Compromised Actions Policy blocks any run referencing this action before it executes 🌐 Harden-Runner Global Block List now blocks t.m-kosche[.]com automatically, even in audit mode, no config change required 🔍 Imposter Commit detection flags the exact signature of this attack Full advisory and IOCs: stepsecurity.io/blog/actions-c…
English
2
25
88
11.9K
StepSecurity
StepSecurity@step_security·
🚨 BREAKING Nx Console VS Code Extension Compromised 🚨 Nx Console (nrwl.angular-console) v18.95.0, a VS Code extension with 2.2M+ installs, was published with malicious code on May 18, 2026. The compromised version executes an obfuscated credential stealing payload on workspace activation. If you use Nx Console, assume your machine is compromised and follow your incident response process. Our team is actively investigating and will keep the blog post updated as new details emerge: stepsecurity.io/blog/nx-consol… #SupplyChainSecurity #VSCode #CyberSecurity #DevSecOps
English
2
41
116
21.3K
StepSecurity retweetledi
kidneyweakx
kidneyweakx@kidneyweakx·
why this happened every day
StepSecurity@step_security

🚨 BREAKING: node-ipc compromised. Again. Three malicious versions of node-ipc (9.1.6, 9.2.3, 12.0.1) were published today carrying an identical credential-stealing payload. This package has 10M+ weekly downloads. Here's what happened: An attacker injected an 80KB obfuscated IIFE into the CommonJS bundle. It fires on every require('node-ipc') call. No special config needed, just importing the package is enough. What it steals: → AWS, Azure, GCP credentials → SSH private keys → Kubernetes configs → Docker tokens → GitHub CLI tokens → AI tool configs (including Claude) → Terraform state → 90+ credential file patterns in total Everything gets gzipped and exfiltrated to an attacker-controlled domain (sh[.]azurestaticprovider[.]net) via DNS TXT queries and HTTPS POST, designed to look like normal traffic. The attacker published across two major version lines simultaneously (9.x and 12.x) to maximize blast radius. Semver ranges like ^9, ~9.1.x, ~9.2.x, ^12, and ~12.0 all resolve to compromised versions automatically on the next install or lockfile refresh. Key details: Only the CommonJS bundle (node-ipc.cjs) is affected. ESM imports are clean. The 9.x releases are fabricated. The 9.x line never shipped a .cjs bundle before this attack. This is a different actor from the 2022 peacenotwar incident. Purely financial, credential-theft motivation. If you installed any of these versions, assume all secrets on that machine are compromised. Rotate everything. Our full technical breakdown covers the attack chain stage by stage, IOCs, and how to check if you're affected: stepsecurity.io/blog/node-ipc-…

English
0
2
3
543
StepSecurity retweetledi
seslly
seslly@seslly·
server side javascript might die with this pace of CVEs
StepSecurity@step_security

🚨 BREAKING: node-ipc compromised. Again. Three malicious versions of node-ipc (9.1.6, 9.2.3, 12.0.1) were published today carrying an identical credential-stealing payload. This package has 10M+ weekly downloads. Here's what happened: An attacker injected an 80KB obfuscated IIFE into the CommonJS bundle. It fires on every require('node-ipc') call. No special config needed, just importing the package is enough. What it steals: → AWS, Azure, GCP credentials → SSH private keys → Kubernetes configs → Docker tokens → GitHub CLI tokens → AI tool configs (including Claude) → Terraform state → 90+ credential file patterns in total Everything gets gzipped and exfiltrated to an attacker-controlled domain (sh[.]azurestaticprovider[.]net) via DNS TXT queries and HTTPS POST, designed to look like normal traffic. The attacker published across two major version lines simultaneously (9.x and 12.x) to maximize blast radius. Semver ranges like ^9, ~9.1.x, ~9.2.x, ^12, and ~12.0 all resolve to compromised versions automatically on the next install or lockfile refresh. Key details: Only the CommonJS bundle (node-ipc.cjs) is affected. ESM imports are clean. The 9.x releases are fabricated. The 9.x line never shipped a .cjs bundle before this attack. This is a different actor from the 2022 peacenotwar incident. Purely financial, credential-theft motivation. If you installed any of these versions, assume all secrets on that machine are compromised. Rotate everything. Our full technical breakdown covers the attack chain stage by stage, IOCs, and how to check if you're affected: stepsecurity.io/blog/node-ipc-…

English
0
1
5
407
StepSecurity
StepSecurity@step_security·
🚨 BREAKING: node-ipc compromised. Again. Three malicious versions of node-ipc (9.1.6, 9.2.3, 12.0.1) were published today carrying an identical credential-stealing payload. This package has 10M+ weekly downloads. Here's what happened: An attacker injected an 80KB obfuscated IIFE into the CommonJS bundle. It fires on every require('node-ipc') call. No special config needed, just importing the package is enough. What it steals: → AWS, Azure, GCP credentials → SSH private keys → Kubernetes configs → Docker tokens → GitHub CLI tokens → AI tool configs (including Claude) → Terraform state → 90+ credential file patterns in total Everything gets gzipped and exfiltrated to an attacker-controlled domain (sh[.]azurestaticprovider[.]net) via DNS TXT queries and HTTPS POST, designed to look like normal traffic. The attacker published across two major version lines simultaneously (9.x and 12.x) to maximize blast radius. Semver ranges like ^9, ~9.1.x, ~9.2.x, ^12, and ~12.0 all resolve to compromised versions automatically on the next install or lockfile refresh. Key details: Only the CommonJS bundle (node-ipc.cjs) is affected. ESM imports are clean. The 9.x releases are fabricated. The 9.x line never shipped a .cjs bundle before this attack. This is a different actor from the 2022 peacenotwar incident. Purely financial, credential-theft motivation. If you installed any of these versions, assume all secrets on that machine are compromised. Rotate everything. Our full technical breakdown covers the attack chain stage by stage, IOCs, and how to check if you're affected: stepsecurity.io/blog/node-ipc-…
English
1
32
61
21.1K
StepSecurity
StepSecurity@step_security·
🚨 ACTIVE INCIDENT: The Mini Shai-Hulud worm is back, and it just compromised dozens of official @tanstack npm packages This is the first documented self-spreading npm worm that carries valid SLSA provenance attestations. Let that sink in. Our OSS Package Security Feed detected the compromised releases and we're tracking the spread in real time. Here's what happened: The attacker staged an obfuscated 2.3 MB credential-stealing payload in a fork of TanStack/router, then used hijacked OIDC tokens to publish malicious versions through TanStack's own legitimate GitHub Actions release pipeline. The compromised packages include @tanstack/react-router, @tanstack/router-core, @tanstack/react-start, and 40+ other packages. Millions of weekly downloads across the ecosystem. If you installed any affected version in CI, assume all secrets in that environment are compromised. Rotate tokens immediately. Full technical analysis, IOCs, compromised version list, and recovery steps on our blog. The list of affected packages is still growing. stepsecurity.io/blog/mini-shai…
English
0
14
20
5.1K