Massive NPM Supply Chain Attack Hits Gluestack’s React Native Aria Packages: Over 950K Downloads at Risk

Introduction

A major security breach has rocked the open-source ecosystem after a coordinated supply chain attack compromised 16 widely-used react-native-aria packages published by Gluestack on NPM. These packages, collectively downloaded nearly one million times per week, were found to be injected with remote access trojan (RAT) malware capable of silently hijacking systems and exfiltrating data. The attack was discovered by cybersecurity firm Aikido Security and is believed to be linked to an earlier NPM malware campaign. With growing reliance on package managers like NPM in the software development lifecycle, this incident is a stark reminder of the vulnerabilities embedded deep within modern supply chains.

Main Report: The Gluestack Compromise

On June 6 at 4:33 PM EST, the first sign of compromise appeared when a new version of react-native-aria/focus was published on NPM. In the hours that followed, attackers pushed modified versions of 16 Gluestack packages, most notably from the react-native-aria suite, all injected with malicious code. These packages include widely-used components like checkbox, focus, interactions, and utils, with weekly downloads ranging from a few dozen to over 125,000. The attack has potentially impacted an estimated 960,000 weekly downloads in total, making it one of the most significant supply chain attacks to hit NPM in recent memory.

Aikido Security discovered the attack by detecting obfuscated malware appended to the lib/index.js files. The code is strategically hidden at the end of the file with padding to evade detection via standard NPM site viewers. According to the researchers, the malware behaves like a remote access trojan capable of communicating with command and control (C2) servers. Once installed, the trojan can execute a range of commands such as changing directories, uploading files, and executing arbitrary shell commands. It also hijacks Windows PATH variables by injecting a fake Python installation path, effectively allowing it to override Python or pip commands with malicious binaries.

The tactics mirror those observed in an earlier attack uncovered by Aikido just a month ago, suggesting that the same threat actors may be involved. Those earlier compromised packages included names like biatec-avm-gas-station, cputil-node, and lfwfinance/sdk. In both cases, the attacks relied on advanced obfuscation and exploitation of trust within the NPM ecosystem.

Aikido’s lead researcher Charlie Eriksen has tried to alert Gluestack by opening GitHub issues across their repositories, but there has been no response so far. The timing of the attack—early Saturday morning in the U.S.—may not be coincidental, as attackers often exploit off-hours for minimal oversight. Meanwhile, Aikido has reported the packages to NPM, although the resolution process could take days. As of now, new malicious versions were still being published just hours before BleepingComputer’s report, indicating the attack is active and ongoing.

What Undercode Say:

This breach highlights the critical and persistent risks within software supply chains. The attack is not simply about a rogue package — it reflects a deeper issue in open-source governance, developer trust, and ecosystem security. At the center of this incident lies the widespread use of automated package updates and the near-blind trust developers place in NPM and its maintainers. With Gluestack’s packages enjoying nearly a million weekly downloads, even a short delay in detection and response can cascade into catastrophic exposure for countless applications and users.

The use of heavy obfuscation and file padding is a calculated move to evade both visual and automated detection mechanisms. It’s a tactic that’s becoming more common among sophisticated attackers. The injected remote access trojan can operate with full access, upload or manipulate files, and run system-level commands—essentially giving attackers the keys to a victim’s digital kingdom. The added twist of PATH hijacking introduces an even more dangerous layer of persistence, allowing malware to replace legitimate system commands without triggering alarms.

Another alarming aspect is the attacker’s strategic timing. Launching on a Saturday morning in the U.S., when IT response teams are less staffed, demonstrates tactical awareness. Moreover, the apparent silence from Gluestack reveals a glaring communication gap in how open-source maintainers handle security alerts. Even though Aikido acted quickly by opening issues and contacting NPM, the current package removal protocol still takes days, giving attackers a long window to cause damage.

The trend is clear: threat actors are increasingly targeting popular development tools and libraries instead of going after the end-user directly. This allows them to infect thousands—if not millions—of downstream applications in a single stroke. The problem becomes harder to control when these compromised packages are automatically integrated into build systems via CI/CD pipelines. In such cases, malicious code can enter production environments without any human intervention.

Looking at the bigger picture, this incident underscores the need for supply chain security to be treated with the same urgency as application-level or infrastructure-level security. Measures like signing packages, verifying maintainers, and scanning for anomalous file changes should be non-negotiable standards for any package manager. The community must push for quicker response protocols from platforms like NPM and demand that maintainers treat security disclosures as top priority, regardless of the day or time.

It’s also important to recognize the broader ecosystem risk. While this specific attack targeted Gluestack’s packages, the same tactics could be easily replicated across other popular libraries. Developers and organizations must start incorporating security checks and anomaly detection into their CI/CD pipelines to prevent automatic ingestion of malicious code. Proactive monitoring and behavioral analysis of package updates can help catch anomalies before they hit production.

In sum, this event serves as both a wake-up call and a case study in how modern software delivery pipelines can be exploited at scale. Without drastic improvements in open-source security hygiene, such incidents will continue to occur with increasing frequency and severity.

Fact Checker Results ✅🔍

Was malicious code confirmed in Gluestack’s NPM packages? ✅ Yes
Is the malware capable of remote command execution? ✅ Yes
Did Gluestack respond to initial warnings? ❌ No

Prediction 🔮🚨

Given the

References:

Reported By: www.bleepingcomputer.com