Listen to this Post
Introduction
In one of the most alarming cyber incidents of the year, hackers exploited a stolen NPM token in the Nx supply chain attack, unleashing a sophisticated campaign named s1ngularity. This large-scale breach exposed thousands of private repositories, leaked highly sensitive developer secrets, and even manipulated AI-powered command-line tools to expand its reach. The incident highlights the growing vulnerabilities in open-source ecosystems and raises urgent questions about the intersection of AI, cloud security, and supply chain threats.
Full Breakdown of the Nx Supply Chain Breach
The Initial Compromise
Hackers stole an NPM token tied to the Nx repository and published eight malicious versions of the platform. These infected versions contained a post-install script that secretly executed a malicious telemetry.js file targeting Linux and macOS systems.
Secrets Harvesting
The malware systematically searched infected machines for sensitive assets including API keys, GitHub tokens, NPM tokens, SSH keys, and cryptocurrency wallets. Once found, the data was encoded and uploaded to public GitHub repositories under names like s1ngularity-repository.
Scale of the Breach
Over 20,000 stolen files identified.
At least 225 distinct users impacted.
More than 2,300 secrets leaked.
Around 1,700 users confirmed with exposed secrets.
Each leaked record contained at least one GitHub token, proving the attack was designed for deeper infiltration.
AI in Cybercrime
Shockingly, the attackers used AI-powered CLIs (Claude, Gemini, and others) to perform reconnaissance and assist in data exfiltration. Half of all victims had AI CLIs installed, though only 25% of those cases led to AI-driven data leaks.
Phase Two – Going Public
After GitHub removed the initial repositories and revoked the compromised NPM token, hackers escalated their strategy. They used stolen credentials to breach 480 accounts (including 300 organizations), publishing over 6,700 private repositories publicly.
One company saw 700+ repos leaked.
Thousands of valid credentials were exposed.
Hackers later created more than 500 repositories with the suffix _bak, linked to a single organization.
Payload Diversity
At least three unique payloads were embedded in the malicious Nx versions. Each variant interacted differently with AI CLIs to trick them into scanning for secrets.
Nature of Stolen Data
Out of 20,000 exfiltrated files, fewer than 100 unique valid secrets were discovered. The majority targeted AI services (Langsmith, Anthropic, OpenAI) and cloud providers (AWS, Azure, Vercel). Interestingly, cryptocurrency wallets were not successfully compromised.
Evasion Tactics
Hackers minimized their footprint by avoiding their own infrastructure. Initially, they used webhook.site, but later switched to exploiting GitHub CLI (gh), allowing them to exfiltrate data without revealing their infrastructure.
Ongoing Risks
Despite mitigations, around 100 NPM tokens remain valid, making up 40% of those leaked. In contrast, only 5% of GitHub tokens are still active. Wiz urges victims to:
Rotate all secrets immediately.
Monitor GitHub Audit Logs for suspicious activity.
Hunt for IoCs to confirm system integrity.
What Undercode Say: 🔍
The Nx s1ngularity attack represents more than just another supply chain breach — it’s a turning point in how hackers leverage AI and open-source vulnerabilities.
1. Supply Chain Fragility
This case proves how a single compromised token in a trusted repository can cascade into thousands of downstream compromises. The fact that malicious Nx packages were distributed to developers worldwide shows how blind trust in open-source libraries can become catastrophic.
2. Weaponizing AI Tools
The attackers’ creative misuse of AI CLIs is a critical warning. Instead of building models or automations, AI became an accomplice in cybercrime — a reconnaissance partner for hackers. This foreshadows a dangerous future where generative AI is misused for automated exploitation at scale.
3. Credential Goldmine
Unlike traditional ransomware or financial heists, this attack focused on stealing secrets — the keys to cloud environments, AI systems, and developer pipelines. Stolen credentials are far more valuable than one-time data dumps since they enable long-term access to organizations’ digital infrastructure.
4. Organizational Impact
For companies, the exposure of 700+ private repositories is devastating. These repos often hold source code, infrastructure-as-code, deployment scripts, and even hardcoded credentials. The intellectual property and security risks are immeasurable.
5. Operational Security of Hackers
Interestingly, the attackers showed a disciplined approach. By leveraging GitHub’s own ecosystem instead of external infrastructure, they avoided leaving traditional traces. This signals an evolution in hacker tradecraft, where “living off the land” techniques are now common in open-source attacks.
6. Lessons for the Future
Organizations must adopt zero-trust principles even in software supply chains.
Automated secret scanning tools should be mandatory for developers.
AI tools must evolve with guardrails to prevent abuse in malicious contexts.
This event underscores that the weakest link in software supply chains isn’t always code — it’s trust.
Fact Checker Results ✅❌
✅ Hackers did exploit Nx repositories via a stolen NPM token.
✅ Over 6,700 private repos were leaked publicly.
❌ No confirmed evidence of cryptocurrency theft, despite wallet scanning attempts.
Prediction 🔮
The s1ngularity attack won’t be the last of its kind. Future hackers will increasingly weaponize AI for reconnaissance and automated exploitation. Expect to see:
More AI-assisted supply chain breaches targeting trusted developer tools.
Expanded credential harvesting campaigns focusing on cloud and AI service APIs.
A surge in zero-trust adoption as organizations realize the fragility of their supply chain security.
The next wave of cyberattacks may no longer just involve code — but AI working against its own creators.
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: www.securityweek.com
Extra Source Hub:
https://www.medium.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon
