惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

雷峰网
雷峰网
N
Netflix TechBlog - Medium
博客园_首页
J
Java Code Geeks
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Y
Y Combinator Blog
腾讯CDC
V
V2EX
Microsoft Security Blog
Microsoft Security Blog
大猫的无限游戏
大猫的无限游戏
Cyberwarzone
Cyberwarzone
N
News and Events Feed by Topic
L
LINUX DO - 最新话题
Schneier on Security
Schneier on Security
Microsoft Azure Blog
Microsoft Azure Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Hacker News: Ask HN
Hacker News: Ask HN
Martin Fowler
Martin Fowler
Google DeepMind News
Google DeepMind News
G
Google Developers Blog
U
Unit 42
WordPress大学
WordPress大学
N
News and Events Feed by Topic
S
Schneier on Security
T
The Blog of Author Tim Ferriss
B
Blog
博客园 - 叶小钗
Forbes - Security
Forbes - Security
F
Fortinet All Blogs
Project Zero
Project Zero
K
Kaspersky official blog
Apple Machine Learning Research
Apple Machine Learning Research
L
LINUX DO - 热门话题
The GitHub Blog
The GitHub Blog
H
Hacker News: Front Page
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
PCI Perspectives
PCI Perspectives
The Register - Security
The Register - Security
www.infosecurity-magazine.com
www.infosecurity-magazine.com
W
WeLiveSecurity
C
Cyber Attacks, Cyber Crime and Cyber Security
罗磊的独立博客
S
Security @ Cisco Blogs
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
P
Proofpoint News Feed
S
SegmentFault 最新的问题
D
Docker
量子位
M
MIT News - Artificial intelligence

Nx Blog

Sharing Tailwind CSS Styles Across Apps in a Monorepo | Nx Blog How SiriusXM Stays Competitive by Iterating and Getting to Market Fast | Nx Blog Agentic Experience Is the New Developer Experience | Nx Blog Nx Joins the Linux Foundation and the Agentic AI Foundation | Nx Blog A Monorepo Is NOT a Monolith | Nx Blog Why we deleted (most of) our MCP tools | Nx Blog Teach Your AI Agent How to Work in a Monorepo | Nx Blog How Broadcom stays efficient and nimble with monorepos | Nx Blog Why Monorepos are King in the Age of AI | Nx Blog Nx 2026 Roadmap: Expanding Agent Autonomy, Improving Performance, Better Polyglot and More | Nx Blog End to End Autonomous AI Agent Workflows with Nx | Nx Blog Autonomous Agents at Scale | Nx Blog Scaling 700+ Projects: How Nx Became a 'No-Brainer' for Caseware | Nx Blog Configure Tailwind v4 with Angular in an Nx Monorepo | Nx Blog The Missing Multiplier for AI Agent Productivity | Nx Blog A Year of Nx Webinars | Nx Blog Wrapping Up 2025 | Nx Blog Nx 22.3 Release: Angular 21 Support, tsgo Compiler, and Prettier v3 | Nx Blog Nx Cloud Release: Agent Resource Usage | Nx Blog Nx Platform Outperforms DIY Cache by 5x | Nx Blog An Nx Carol: Past, Present, and Future of Your Monorepo | Nx Blog Nx 22.1 Release: Terminal UI on Windows, Storybook 10, Vitest 4, and more! | Nx Blog The Compounding Effect: How Nx Features Multiply Performance Gains | Nx Blog 10 Monorepo Myths Debunked: Separating Fact from Fiction | Nx Blog Nx Cloud Release: Enterprise Task Analytics | Nx Blog Watch and Rebuild Storybook Dependencies with Nx | Nx Blog Book - React for Enterprise: Timeless Architecture for Enterprise Apps | Nx Blog Beyond Remote Cache: Unlock 70% More CI Performance | Nx Blog Nx 22 Release: Expanding the build platform | Nx Blog What's the Point of Generating All This Code If You Can't Merge It? | Nx Blog What's New in Nx Self-Healing CI | Nx Blog Nx Highlights: Smarter AI integration, all-new graph UI, and big new versions of your favorite tools | Nx Blog Making the Case for Smarter Monorepos, and How to Not Get Fooled by Myths | Nx Blog Integrating Biome in 20 Minutes | Nx Blog Stop Babysitting Your PRs: Self-Healing CI Cuts Time to Green by 50% | Nx Blog UKG Unifies Their Codebase and Eliminates CI Overhead to Focus on Customer Value | Nx Blog How Git Worktrees Changed My AI Agent Workflow | Nx Blog Nx Cloud Workspace Graph: See Your Organization's Code Structure Like Never Before | Nx Blog Seamless Java Deployment in Nx Using Docker | Nx Blog Getting Mobile Into Your Monorepo: Android + Nx | Nx Blog Polyglot Projects Made Easy: Integrating Spring Boot into an Nx Workspace | Nx Blog The Journey of the Nx Plugin for Gradle: From Prototype to Production | Nx Blog Combining Predictability and Intelligence With Nx Generators and AI | Nx Blog A New UI For The Humble Terminal | Nx Blog Continuous tasks are a huge DX improvement | Nx Blog New and Improved Module Federation Experience with Nx | Nx Blog A New UI for Nx Migration | Nx Blog Custom Task Runners and Self-Hosted Caching Changes | Nx Blog Enterprise Angular Monorepo Patterns | Nx Blog Using Rspack with Angular | Nx Blog Angular Architecture Guide To Building Maintainable Applications at Scale | Nx Blog Modern Angular Testing with Nx | Nx Blog Nx Update: 20.5 | Nx Blog Are Monorepos the Answer to Better AI-Assisted Development? | Nx Blog Making Cursor Smarter with an MCP Server For Nx Monorepos | Nx Blog React Development for 2025 | Nx Blog Using Apollo GraphQL in an Nx Workspace | Nx Blog Angular State Management for 2025 | Nx Blog Tailoring Nx for Your Organization | Nx Blog Nx Cloud Pipelines Come To Nx Console | Nx Blog Define the relationship with monorepos | Nx Blog See your affected project graph in Nx Cloud | Nx Blog Handling CORS In Your Workspace | Nx Blog Improve your architecture and CI pipeline times with Nx projects | Nx Blog Announcing Nx 20 | Nx Blog Introducing Nx Powerpack | Nx Blog Nx 19.5 is here! Stackblitz, Bun, Incremental Builds for Vite, Gradle Test Atomizer | Nx Blog Introducing Explain with AI | Nx Blog Nx Enterprise Podcast Episode 2: Tine Kondo | Nx Blog Monorepos and CI can be a Mess - Here's How Nx and Nx Cloud Fixed It | Nx Blog Nx Enterprise Podcast Episode 1: Hicham El Hammouchi | Nx Blog Nx 19.0 Release!! | Nx Blog Manage Your Gradle Project using Nx | Nx Blog Making the Argument for Monorepos | Nx Blog Reliable CI. A new execution model fixing both flakiness and slowness | Nx Blog Monorepos - Why Speed Matters | Nx Blog Nx Agents Walkthrough: Effortlessly Fast CI Built for Monorepos | Nx Blog Launch Nx Week Recap | Nx Blog Versioning and Releasing Packages in a Monorepo | Nx Blog Fast, Effortless CI | Nx Blog Introducing @nx/nuxt Enhanced Nuxt.js Support in Nx | Nx Blog What if Nx Plugins Were More Like VSCode Extensions | Nx Blog Monorepos: the Benefits, Challenges, and Importance of Tooling Support | Nx Blog Nx — Highlights of 2023 | Nx Blog Nx 17.2 Update | Nx Blog Unit Testing Expo Apps With Jest | Nx Blog Nx Docs AI Assistant | Nx Blog State Management Nx React Native/Expo Apps with TanStack Query and Redux | Nx Blog Nx 17 has Landed | Nx Blog Nx Conf 2023 — Recap | Nx Blog Nx Raises $16M Series A | Nx Blog Introducing Playwright Support for Nx | Nx Blog Nx 16.8 Release!!! | Nx Blog Step-by-Step Guide to Creating an Expo Monorepo with Nx | Nx Blog Qwikify your Development with Nx | Nx Blog Create Your Own create-react-app CLI | Nx Blog Storybook Interaction Tests in Nx | Nx Blog Evergreen Tooling — More than Just CodeMods | Nx Blog Nx 16.5 Release!!! | Nx Blog A Practical Guide on Effective AI Use - AI as Your Peer Programmer | Nx Blog
S1ngularity - What Happened, How We Responded, What We Learned | Nx Blog
Juri Strumpflohner · 2025-09-06 · via Nx Blog

On August 26, 2025, malicious versions of several Nx packages were published to npm. Attackers exploited a GitHub Actions injection vulnerability to steal our NPM publishing token and publish malicious packages for 4 hours. The packages scanned users' systems for sensitive data and uploaded it to public GitHub repositories. We've since implemented NPM Trusted Publishers, a manual approval process for all releases, and enhanced security measures.

We want to provide full transparency about what happened, how we responded, and the steps we've taken to prevent it from happening again.

For a fully detailed breakdown of the entire timeline, please refer to our GHSA on GitHub.

What Happened

Attackers extracted our NPM token and used it to publish malicious versions of Nx packages to the NPM registry.

Our publishing process itself wasn’t breached, but the token let attackers bypass release pipelines. We detected this because the malicious packages lacked NPM provenance signing. Unfortunately, provenance doesn’t block unsigned packages from being installed, which is what happened.

The malicious packages ran a post-install script that scanned user systems for sensitive data, attempted to use local AI tools (like Claude and Gemini), and uploaded the results to a public GitHub repo via the GitHub CLI.

Nx Cloud was not affected by this incident at any point and remained fully operational and secure. The attack targeted the OSS packages of Nx.

Our Response

This is how we responded to the security incident.

Immediate Containment: We reached out to NPM, removed the affected token, and started to manually unpublish the malicious packages. NPM stepped in to remove all packages and revoke all our NPM tokens. The malicious packages were active for 4 hours before being completely removed from the registry.

Communication and Damage Mitigation: We published a security advisory that we constantly updated and added a security policy for Nx OSS to call out the existing security@nrwl.io email for reporting vulnerabilities. We started identifying and reaching out to our point of contacts: our Nx Enterprise customers, social media and Discord communities, and actively monitored GitHub for leaked repositories, opening issues to alert their respective owners. We collaborated closely with GitHub, who stepped in to take leaked repositories offline.

Investigation and Access Hardening: Since the packages lacked NPM provenance signing, we knew they didn't originate from our CI pipeline. We disabled all publishing workflows and external contributor access until we understood the attack vector, then worked backwards from the leaked NPM token to uncover the technical details.

Here's our detailed chronological timeline on our GHSA.

Technical Details: How The Attack Worked

The attack exploited a GitHub Actions injection vulnerability to steal our NPM token. Here's the simplified attack chain:

The Vulnerability

Three conditions aligned to make this attack possible:

  1. PR title validation workflow with injection vulnerability - Our workflow used pull_request_target which runs with the permissions of the target branch (not the fork) and can access repository secrets. This bypasses normal restrictions that prevent external contributors from running workflows, as GitHub's documentation warns. Combined with unsanitized PR title echoing, this created a dangerous injection point.
  2. Workflow permissions set to read/write - Our repository still had GitHub's original default setting of "Read and write permissions" for Actions. GitHub changed this default to "Read permissions" for new repositories in February 2023, but existing repositories weren't automatically updated. This meant any workflow token had full repository access instead of the safer read-only default (check yours at /settings/actions).
  3. Manual workflow dispatch enabled - Our publish.yml workflow included workflow_dispatch to allow manual triggering for PR publishing workflows. Crucially, this also enabled triggering the workflow programmatically via GitHub's API, which became essential for the attacker's strategy.

The Attack Chain

  1. Initial exploit: Attacker created a PR with a malicious title containing shell commands. Due to our PR title validation workflow's injection vulnerability and pull_request_target setup, these commands executed with repository permissions.
  2. Token extraction and escalation: The malicious script ran with elevated permissions, extracted a read/write GitHub token (due to our workflow permissions setting), and used it to:
    • Create a branch with a malicious script replacing our legitimate CI script
    • Trigger our publish workflow against that branch via the GitHub API (enabled by workflow_dispatch)
    • Clean up traces by deleting branches and workflow runs
  3. NPM token theft: When the publish workflow ran the malicious script, it had access to our NPM_TOKEN and exfiltrated it
  4. Malicious packages: Using the stolen token, they published infected Nx packages with postinstall hooks that scanned users' systems and leaked data to public GitHub repositories

We're grateful to the community members who alerted us to the attack and assisted during our investigation. Some of the contributions were instrumental in helping us understand how the attack unfolded and piece together this technical timeline.

Are You Affected?

If you installed any of these malicious versions, check if your system was compromised.

Affected versions:

  • nx: 21.5.0, 20.9.0, 20.10.0, 21.6.0, 20.11.0, 21.7.0, 21.8.0, 20.12.0
  • @nx/devkit, @nx/js, @nx/workspace, @nx/node: 21.5.0, 20.9.0
  • @nx/eslint: 21.5.0
  • @nx/key, @nx/enterprise-cloud: 3.2.0

Check for data exfiltration:

  • Review your GitHub security log for suspicious repositories that were created unexpectedly
  • Check your ~/.bashrc or ~/.zshrc for suspicious additions like sudo shutdown -h 0

If you find evidence of compromise:

  1. Secure your accounts: Delete or make suspicious GitHub repositories private, then revoke GitHub CLI access and refresh your tokens
  2. Clean package caches: Run npm cache clean --force, yarn cache clean --all, or pnpm store prune --force and remove npx cache folders
  3. Update Nx: Install the latest version if you were using affected packages

Lessons Learned and Actions Taken

First off, we take security extremely seriously:

  • We undergo frequent security audits for our SOC 2 certification.
  • We have set up extensive ownership and all our PRs require explicit reviews and approvals from one or multiple of these owners.

Retrospectively, we made one critical mistake: if you gained access to our trusted environment (the Nx OSS repository), you were able to publish to NPM, leading to a huge impact given our ~6 million weekly installs.

Regardless of how much caution and attention you put in, security breaches might happen, PR reviews might miss important parts, and vulnerabilities might slip through (even with automated checks in place). But the impact must be limited even in those cases.

We learned this the hard way and immediately put measures in place:

  • We no longer use NPM tokens for our publishing process but rather switched to the recently released Trusted Publisher using OIDC authentication. This effectively connects our GitHub repo, our CI pipeline, and the NPM registry.
  • Enforce all publishing workflows to happen via our CI pipeline, which now requires manual 2FA for publishing all Nx-related packages to NPM Screenshot of manual approval process during the CI release pipeline
  • Disable pipeline runs for all external contributors, not just first-time contributors. An approval is required in all instances.
  • Add extra provenance checks in Nx and Nx Console whenever we run the latest version of Nx to make sure they actually originate from a trusted environment.
  • We created a SECURITY.md for responsible disclosure.

In addition to these direct measures, we also took action to make sure our own engineers are not subject to such attacks by verifying how tokens are being managed, securing invocations of the GitHub CLI, etc.

Conclusion

By sharing our experience with complete transparency we hope to raise awareness about potential security vulnerabilities in GitHub automation workflows.

This incident also highlights the importance of being mindful about what sensitive data is stored locally on your development machine. Consider using secure credential management tools, avoiding plaintext tokens and API keys in configuration files, and regularly auditing what sensitive information might be accessible on your system. Even in the case of a compromise, minimizing the exposure of credentials and sensitive data can significantly reduce the potential impact.

We remain committed to maintaining a secure setup for all Nx users.

For complete details, see our GitHub Security Advisory. For questions or assistance, reach out to security@nrwl.io.