Supply-Chain Attacks on Open Source Software: A Growing Threat

The past week has seen a surge in supply-chain attacks on open source software available in public repositories. Numerous developer accounts have been compromised, resulting in the distribution of malicious packages to unsuspecting users.

According to security firm Socket, the latest target is JavaScript code hosted on the npm repository by global talent agency Toptal. The breach affected 10 packages, downloaded by approximately 5,000 users before being detected and removed. This attack marks the third supply-chain incident on npm in the past week.

Poisoning the Well

Hackers initially compromised Toptal's GitHub Organization and leveraged that access to publish malicious packages on npm. Details on how the attack was executed remain unclear, but it likely involved GitHub Actions or stored npm tokens accessible after the breach. GitHub and npm are often linked, so hijacking a GitHub organization can enable publishing to npm.

The attack could either stem from compromised GitHub access or separate concurrent vectors affecting both platforms. Determining the precise sequence of events has been challenging due to a lack of forensic evidence.

Toptal has not disclosed how its account was breached, and representatives did not respond to inquiries. The malicious payload embedded in the packages had two stages. The first extracted the target's GitHub authentication token and sent it to an attacker-controlled endpoint. After that, the payload attempted to erase the target's filesystem, executing commands on Unix-like or Windows operating systems.

In a related attack, Socket uncovered additional supply-chain threats, one targeting npm users and another aimed at PyPI users. As of the discovery, these malicious packages had been downloaded over 56,000 times collectively. The malware covertly integrated surveillance features such as keylogging and credential theft.

Potential for Widespread Damage

These supply-chain attacks pose significant risks because open source packages depend on one another. New dependency versions are often automatically incorporated into downstream packages, amplifying the damage potential.

The compromised packages are numerous, including notable ones like '@toptal/picasso-tailwind' and 'is'. Developers are urged to verify that none of these malicious versions have been installed.

Steps to protect your repository include monitoring for suspicious publishing activity, reviewing package.json scripts, using security scanning in CI/CD, rotating authentication tokens, and implementing multifactor authentication.

Update, Aug. 6, 2025: Toptal reports that the software downloads were mainly from security scanners with no real impacted users identified. They traced the breach to an old credential leak.

The rise in these attacks signals a critical need for repositories to adopt more stringent security measures, including mandatory MFA and pre-release AI security checks. As trust in open-source software erodes, the community must unite in bolstering defenses against these sophisticated threats.