Overview
- Security firm Socket says the campaign first appeared on May 22 and has pushed at least 34 malicious packages across npm, PyPI and Crates.io with roughly 384 affected versions.
- The malware runs ecosystem-specific code paths—npm postinstall hooks, Python import-time delegation to remote JavaScript, and Rust build scripts—to scan hosts for wallets, SSH keys, AWS tokens and GitHub tokens.
- Stolen data is validated via cloud and GitHub API calls and exfiltrated to attacker-controlled GitHub Pages and Gists, allowing operators to change payload behavior without republishing packages.
- Operators planted hidden instruction files and opened pull requests that aim to trick AI coding assistants into running fake security scans that disclose secrets during developer workflows.
- Registry maintainers and projects are removing listed packages, investigators are assessing the full impact, and defenders are urged to rotate exposed credentials, audit dependencies and tighten CI and repository controls.