Dissecting NX Supply Chain Attack

A presentation at BSides Vizag 2025 in December 2025 in Visakhapatnam, Andhra Pradesh, India by Rohit Narayanan M

Slide 1

Slide 1

Dissecting NX Supply Chain Attack by Rohit Narayanan M

Slide 2

Slide 2

What happened? 1000 + Developer systems compromised 2300+ Secrets Leaked 10000+ Repositories made public

Slide 3

Slide 3

I am Rohit Narayanan M Security Engineer @ Scapia 4+ Years in Web security CTF player @ team bi0s AKA Lu513n

Slide 4

Slide 4

Nx build? ● ● ● Widely-used, open-source build system with millions of weekly downloads Controls how source code is tested, bundled, and prepared for deployment. Operates in privileged environments (developer machines, CI/CD pipelines) with access to all source code, dependencies, and secrets like API keys and authentication tokens, making it a high-value target for credential theft.

Slide 5

Slide 5

How? Vulnerability in Github Action

  1. Malicious PR -> GITHUB_TOKEN Malicious Pull Request GITHUB_TOKEN Leaked
  2. Malicious Commit -> NPM Token NPM Token leaked DIspatching Publish pipeline Malicious Commit altering publish pipeline
  3. Exfiltrating Secrets Malicious NPM Packages pushed More than 1200 repos made with exfiltrated secrets Private repos made public with already exfiltrated tokens

Slide 6

Slide 6

Github Action Using pull_request_target dispatch Checking out the base branch not the main Using the pull_request.title directly in run

Slide 7

Slide 7

pull_request_target

Slide 8

Slide 8

pull_request.title

Slide 9

Slide 9

Malicious PR (POC) Dumping the whole memory and searching for the token Token only valid for the action time sleep will help keep the token active

Slide 10

Slide 10

Slide 11

Slide 11

Malicious Commit Allowed them to extract the NPM Token to a remote URL Use the extracted Token to publish package to NPM

Slide 12

Slide 12

NPM Package published ● Malicious code was added to multiple npm packages ● Code was packed into postinstall script thereby executing upon installation ● Used AI agents if present to extract secrets

Slide 13

Slide 13

Secret extraction methods

Slide 14

Slide 14

Secret extraction methods

Slide 15

Slide 15

Persistence & Extraction

Slide 16

Slide 16

Slide 17

Slide 17

Further Measures by nx Migration to Trusted Publishers: long-lived NPM tokens -> Trusted Publishers (uses OIDC authentication). Enforced CI/CD and 2FA: All CI pipelines requires manual two-factor authentication. Enhanced Contributor Vetting: Pipeline runs disabled for all external contributors, manual approval required.

Slide 18

Slide 18

What can we do? SBOM: Instantly identify compromised packages. Code Signing: Verify the authenticity and integrity of packages and code. Short-Lived & Scoped Tokens: Use temporary, narrowly-permissioned tokens to limit an attacker’s access and impact. Egress Traffic Visibility: Flag unauthorized data exfiltration to attacker servers. SLSA: Secure the end-to-end software supply chain. EDR/XDR: Detect malicious runtime activity on endpoints. Using NPM’s Trusted Publishers using OIDC authentication

Slide 19

Slide 19

References ● https://nx.dev/blog/s1ngularity-postmortem ● https://www.wiz.io/blog/s1ngularitys-aftermath ● https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7p-598c ● https://github.com/nrwl/nx/commit/3905475cfd0e0ea670e20c6a9eaeb768169 dc33d

Slide 20

Slide 20

Thank You