This article details a large-scale npm registry supply chain attack involving a token farming campaign that infected thousands of packages without traditional malware. It highlights the evolving threat landscape driven by financial incentives and the importance of industry collaboration in defending open source ecosystems. #npm #teaxyz #OpenSSF
Key points
- Amazon security researchers detected over 150,000 malicious npm packages linked to a token farming campaign.
- The attack involved creating self-replicating packages that earn cryptocurrency rewards without injecting malware.
- Attacker-controlled blockchain wallets were linked through configuration files within the infected packages.
- The incident threatens trust and infrastructure resources in the open source community.
- Industry collaboration with initiatives like OpenSSF is crucial in swiftly responding to such threats.
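The key points above say the infected packages were tied to attacker-controlled wallets through configuration files shipped inside the packages, and that they propagated by depending on one another. A defender can turn those two observations into a cheap triage heuristic over an installed dependency tree: look for wallet-like strings in small config files, group packages that share the same wallet, and then check whether the flagged packages reference each other as dependencies. The script below is an added example, not code from the article or from any of the projects it mentions; it runs over an in-memory map of constructed sample packages instead of a real node_modules tree, the file names and addresses in that sample are made up, and the campaign's actual config file name is not given on the page, so any file with a .yaml/.yml/.json/.toml extension is treated as a candidate.

```javascript
// Added example (not from the article): triage heuristic for npm packages
// whose config files reference blockchain wallets and which depend on one
// another, the two traits the summary attributes to the farming campaign.

// EVM-style address: 0x followed by 40 hex digits. Assumption: the campaign's
// wallets look like this; other chains would need additional patterns.
const WALLET_RE = /\b0x[0-9a-fA-F]{40}\b/g;
// Candidate config files. The real file name used by the campaign is not on
// the page, so every common config extension is examined.
const CONFIG_EXT = /\.(ya?ml|json|toml)$/i;

// Return the distinct wallet-like strings found in one file, normalised to
// lower case so the same address in mixed case groups together.
function extractWallets(text) {
  const hits = text.match(WALLET_RE) || [];
  return [...new Set(hits.map((a) => a.toLowerCase()))];
}

// packages: { [name]: { files: { [relativePath]: contents }, dependencies: [names] } }
// Returns one finding per (package, config file) pair that contains a wallet.
function scanPackages(packages) {
  const findings = [];
  for (const [name, pkg] of Object.entries(packages)) {
    for (const [file, text] of Object.entries(pkg.files || {})) {
      if (!CONFIG_EXT.test(file)) continue;
      const wallets = extractWallets(text);
      if (wallets.length) findings.push({ package: name, file, wallets });
    }
  }
  return findings;
}

// Group flagged packages by wallet. Many unrelated packages paying out to the
// same wallet is the signature of one actor farming rewards at scale.
function clusterByWallet(findings) {
  const clusters = new Map();
  for (const f of findings) {
    for (const w of f.wallets) {
      if (!clusters.has(w)) clusters.set(w, new Set());
      clusters.get(w).add(f.package);
    }
  }
  return clusters;
}

// Among flagged packages, list those whose dependencies point at other
// flagged packages: the self-replicating pattern described in the summary.
function crossLinkedPackages(packages, findings) {
  const flagged = new Set(findings.map((f) => f.package));
  const linked = [];
  for (const name of flagged) {
    const deps = packages[name].dependencies || [];
    const hits = deps.filter((d) => flagged.has(d));
    if (hits.length) linked.push({ package: name, dependsOn: hits });
  }
  return linked;
}

// Constructed sample data: two packages sharing one made-up wallet and
// depending on each other, plus one benign package with an ordinary config.
const SAMPLE_WALLET = "0x00000000000000000000000000000000deadbeef";
const SAMPLE_PACKAGES = {
  "sample-pkg-alpha": {
    files: { "reward-config.yaml": `owners:\n  - ${SAMPLE_WALLET}\n` },
    dependencies: ["sample-pkg-beta"],
  },
  "sample-pkg-beta": {
    files: { "reward-config.yaml": `owners:\n  - ${SAMPLE_WALLET.toUpperCase().replace("0X", "0x")}\n` },
    dependencies: ["sample-pkg-alpha", "left-pad"],
  },
  "benign-lib": {
    files: { "config.json": '{"retries": 3, "endpoint": "https://example.invalid"}' },
    dependencies: [],
  },
};

// Produce a compact report; returned rather than only printed so it can be
// checked programmatically.
function report(packages) {
  const findings = scanPackages(packages);
  const clusters = clusterByWallet(findings);
  return {
    findings,
    sharedWallets: [...clusters.entries()].filter(([, s]) => s.size > 1).map(([w, s]) => ({ wallet: w, packages: [...s] })),
    crossLinked: crossLinkedPackages(packages, findings),
  };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(report(SAMPLE_PACKAGES), null, 2));
}
```

On a real tree the `files` map would be filled by walking node_modules and reading only small config files; the heuristic is deliberately noisy (a legitimate funding file can contain an address), so its output is a starting point for review, and the shared-wallet and cross-dependency signals together are what separate a farming cluster from a single package that happens to publish a donation address.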
Read More: https://www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_poisons_150k/