Toptal caught serving malware after GitHub compromise

Toptal, a leading freelance developer platform, was compromised when attackers hijacked its GitHub account and distributed malicious code through popular packages. The incident highlights the ongoing risks in npm package supply chains and the importance of thorough security practices.

Key points

  • Attackers hijacked Toptal’s GitHub account to distribute malware through developer packages.
  • Compromised npm packages included popular Toptal-related modules, potentially affecting up to 5,000 users.
  • Malicious code enabled theft of GitHub tokens, persistent access, and backdoors for further malware downloads.
  • Toptal quickly decommissioned infected packages and reverted to stable versions to contain damage.
  • The initial breach vector remains unclear, raising concerns over supply chain security and hacked accounts.

Read More: https://www.theregister.com/2025/07/25/toptal_malware_attack/

https://www.hendryadrian.com/update-toptals-github-compromised-malicious-packages-deployed-to-npm/