AI-Driven Malware Compromises 2,180 GitHub Accounts in ‘s1ngularity’ Cyber Attack
Investigations into the Nx “s1ngularity” NPM supply chain attack have revealed extensive fallout, with thousands of account tokens and repository secrets compromised. According to a post-incident evaluation by Wiz researchers, the Nx compromise has led to the exposure of 2,180 accounts and 7,200 repositories across three distinct phases. Wiz emphasised that the incident’s impact remains significant, as many of the leaked secrets are still valid, indicating that the effects are ongoing.
The Nx “s1ngularity” supply chain attack targeted a popular open-source build system and monorepo management tool, widely used in enterprise-scale JavaScript and TypeScript ecosystems, which boasts over 5.5 million weekly downloads on the NPM package index. On August 26, 2025, attackers exploited a flawed GitHub Actions workflow in the Nx repository to publish a malicious version of the package on NPM, which included a post-install malware script known as ‘telemetry.js’. This malware is a credential stealer aimed at Linux and macOS systems, attempting to extract GitHub tokens, NPM tokens, SSH keys, .env files, and crypto wallets, subsequently uploading the stolen secrets to public GitHub repositories named “s1ngularity-repository.”
What distinguished this attack was its use of command-line tools for artificial intelligence platforms already installed on the victim machine, such as Claude, Q, and Gemini, to search for and harvest sensitive credentials and secrets via LLM prompts. Wiz reported that the prompts evolved throughout the attack, indicating that the threat actor was rapidly tuning them for improved effectiveness. The evolution of the prompts showed the attacker experimenting with prompt tuning, using varying levels of specificity and introducing role-prompting techniques. These adjustments had a tangible effect on the malware’s success; for example, adding the phrase “penetration testing” to a prompt caused the LLM tools to refuse the request.
The first phase of the attack, occurring between August 26 and 27, directly impacted 1,700 users, leaking over 2,000 unique secrets and exposing 20,000 files from infected systems. GitHub responded by taking down the repositories created by the attacker after eight hours, but the data had already been copied. In the second phase, from August 28 to 29, the attackers used the leaked GitHub tokens to convert private repositories to public, renaming them to include the ‘s1ngularity’ string. This compromised a further 480 accounts, predominantly organisations, and publicly exposed 6,700 private repositories.
The third phase, which commenced on August 31, saw the attackers focus on a single victim organisation, utilising two compromised accounts to publish an additional 500 packages.
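As an added example (not from the article, Wiz, or the Nx project), a small Python triage script a defender could run after this incident: it walks an installed node_modules tree for packages whose postinstall hook references the telemetry.js script described above, and scans a repository listing for names carrying the s1ngularity marker that phases one and two left behind. The listing format assumes the JSON that `gh repo list <org> --json name,visibility` emits; the sample listing is constructed.

```python
import json
import re
from pathlib import Path

# Markers from the incident write-up: the post-install script name, and the
# string the attacker put in repository names (both the dump repositories and
# the private repositories flipped to public in phase two).
POSTINSTALL_MARKER = "telemetry.js"
REPO_MARKER = re.compile(r"s1ngularity", re.IGNORECASE)


def suspicious_postinstalls(node_modules: Path) -> list[tuple[str, str]]:
    """Return (package name, postinstall command) pairs for every manifest
    under node_modules whose postinstall hook references telemetry.js."""
    hits = []
    for manifest in node_modules.rglob("package.json"):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or not JSON; nothing to assess
        hook = (data.get("scripts") or {}).get("postinstall", "")
        if POSTINSTALL_MARKER in hook:
            hits.append((data.get("name", str(manifest.parent)), hook))
    return hits


def flagged_repositories(repo_listing_json: str) -> list[str]:
    """Given a JSON array of {"name", "visibility"} objects (assumed shape of
    `gh repo list --json name,visibility` output), return the repository
    names that carry the s1ngularity marker, sorted for stable reporting."""
    repos = json.loads(repo_listing_json)
    return sorted(r["name"] for r in repos if REPO_MARKER.search(r.get("name", "")))


# Constructed sample listing (not real data) in the assumed gh output shape.
SAMPLE_LISTING = json.dumps([
    {"name": "billing-service", "visibility": "private"},
    {"name": "s1ngularity-repository-0", "visibility": "public"},
    {"name": "infra-s1ngularity", "visibility": "public"},
])

if __name__ == "__main__":
    print("flagged repositories:", flagged_repositories(SAMPLE_LISTING))
    print("suspicious postinstalls:", suspicious_postinstalls(Path("node_modules")))
```

A name match only shows that an account was touched by this campaign; the tokens involved still need to be revoked and rotated regardless of whether the repository has since been made private again.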