Hundreds Of Open-Source Packages Hijacked In New Software Supply-Chain Intrusion

  • Writer: Andrej Botka
  • 4 days ago

A wave of malicious updates hit widely used open-source projects this week after attackers gained access to a developer account and rapidly pushed corrupted releases, researchers reported. In about 20 minutes the intruders distributed roughly 630 tainted versions across 317 packages, aiming to harvest login data and spread further downstream.


The campaign targeted libraries that countless engineers include in applications, including a visualization toolkit maintained by Alibaba. Some of the hostile uploads also appeared on code hosting platforms, according to multiple security monitors tracking the activity. Investigators say the injected code attempts to extract credentials from browsers and standalone password vaults so the attackers can move laterally and commandeer more systems.


Security firms tracing the incident linked it to a broader string of dependency attacks that analysts have nicknamed “Mini Shai-Hulud.” Last week a related chain of compromised packages was tied to breaches of developer machines—one affecting employees at a major AI company after a popular utility library was abused as an entry point. That episode reinforced how quickly a single poisoned package can escalate.


“We see a familiar pattern: one account takeover, many downstream victims,” said a senior analyst at a commercial cyber firm who reviewed telemetry on the incident. The researcher added that automated publishing pipelines and overly broad repository permissions make it easier for threat actors to amplify a single intrusion into a mass contamination event.


For organizations and individual developers, the immediate steps are clear: revoke any credentials or tokens tied to the affected maintainers, rotate secrets, and scan dependency trees for unexpected new releases. Experts also recommend enabling multifactor authentication on package registries and setting alerts for sudden publishing bursts.
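One way to implement the publishing-burst alert described above, as an added example that is not code from the article or from any registry: a sliding-window check over registry publish events that flags an account touching many distinct packages within a short interval. The event format, the thresholds and the sample events are constructed assumptions.

```python
"""Sliding-window detector for publishing bursts by a single registry account.

Added illustration, not code from the article or from any registry; the event
format, thresholds and sample events below are constructed assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of registry publish events: (timestamp, publisher, package, version).
# "maint-a" pushes six distinct packages in minutes; "maint-b" releases normally.
SAMPLE_EVENTS = [
    ("2026-01-05T10:00:00", "maint-a", "chart-lib", "4.2.1"),
    ("2026-01-05T10:01:10", "maint-a", "chart-lib-core", "4.2.1"),
    ("2026-01-05T10:02:05", "maint-a", "chart-lib-utils", "1.9.3"),
    ("2026-01-05T10:03:40", "maint-a", "graph-tools", "2.0.7"),
    ("2026-01-05T10:04:15", "maint-a", "graph-tools-ext", "2.0.7"),
    ("2026-01-05T10:05:30", "maint-a", "viz-runtime", "3.3.0"),
    ("2026-01-05T12:00:00", "maint-b", "http-helper", "1.0.5"),
    ("2026-01-06T09:00:00", "maint-b", "http-helper", "1.0.6"),
]


def detect_publish_bursts(events, window=timedelta(minutes=20), max_packages=5):
    """Return one alert per account that publishes to more than `max_packages`
    distinct packages inside any sliding interval of length `window`.

    The threshold counts distinct packages rather than versions: a maintainer
    cutting several versions of one project is routine, while one account
    touching many unrelated packages in minutes is the pattern to surface.
    """
    alerts = []
    recent = defaultdict(deque)  # publisher -> deque of (timestamp, package) in window
    alerted = set()              # publishers already reported in this run
    for ts_str, publisher, package, version in sorted(events):  # ISO strings sort by time
        ts = datetime.fromisoformat(ts_str)
        q = recent[publisher]
        q.append((ts, package))
        while q and ts - q[0][0] > window:  # evict events older than the window
            q.popleft()
        distinct = {pkg for _, pkg in q}
        if len(distinct) > max_packages and publisher not in alerted:
            alerted.add(publisher)
            alerts.append({
                "publisher": publisher,
                "window_start": q[0][0].isoformat(),
                "packages": sorted(distinct),
                "latest_version": f"{package}@{version}",
            })
    return alerts
```

The same function can be pointed at a registry's real publish feed by mapping its records onto the four-field tuple; tune `window` and `max_packages` to the normal release cadence of the accounts you monitor.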


Longer term, maintainers and platforms will face pressure to harden controls around package publication and to adopt code provenance tooling. Until then developers will need to treat upstream dependencies as potential risk vectors and be prepared to respond when a single compromised account affects many projects.


© 2026 by The StartupsCentral. 