RC RANDOM CHAOS

Self-Propagating npm Worm Hijacks Packages to Exfiltrate Developer Tokens

via The Hacker News

Original source: Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens (The Hacker News)

A worm is spreading laterally through the npm ecosystem by compromising maintainer accounts, injecting malicious payloads into published packages, and using harvested developer tokens to pivot into additional packages owned by the same maintainers. Each successful infection becomes a launchpad for the next, turning the registry’s trust graph into a propagation mechanism rather than a defensive boundary.

The attack pattern weaponizes the implicit trust between a maintainer and their published artifacts. Once a token is stolen, the worm authenticates as the legitimate publisher and pushes tainted versions that downstream consumers pull in through normal dependency resolution. Any CI pipeline, developer workstation, or build agent installing or updating affected packages becomes a potential credential-exfiltration endpoint.

The significance is structural: this is not a single rogue package but an active, replicating campaign that treats the registry like a substrate. Pinned versions, lockfile discipline, scoped tokens with publish limits, 2FA enforcement on maintainer accounts, and token rotation after any suspected exposure are the controls that actually constrain blast radius. Treating every dependency update as untrusted until verified is the operating posture this class of attack requires.
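One way to apply that "untrusted until verified" posture to dependency updates, as an added example that is not from the article or from npm itself: a small Node.js script that compares two package-lock.json documents and flags what a reviewer should look at before the update is accepted. The lockfiles, package names, registry mirror host and integrity strings are constructed placeholders.

```javascript
// Added example, not code from the article: flag dependency drift between two
// package-lock.json documents (lockfileVersion 2/3 "packages" map) so an update
// can be reviewed before it is merged. All lockfile data below is constructed.
const pkgName = (path) => path.replace(/^.*node_modules\//, '');
const hostOf = (url) => new URL(url).host;

// Returns a list of findings; an empty list means the dependency set is unchanged.
function diffLockfiles(oldLock, newLock) {
  const before = oldLock.packages || {};
  const after = newLock.packages || {};
  const findings = [];
  for (const [path, entry] of Object.entries(after)) {
    if (path === '') continue;                       // root project entry
    const name = pkgName(path);
    const prev = before[path];
    if (!prev) {
      findings.push({ name, severity: 'review', reason: `new dependency ${entry.version}` });
      continue;
    }
    if (prev.version === entry.version && prev.integrity !== entry.integrity) {
      // Same version string, different tarball hash: the artifact behind a
      // pinned version changed, which version pinning alone never catches.
      findings.push({ name, severity: 'high', reason: `integrity changed for ${entry.version}` });
    } else if (prev.version !== entry.version) {
      findings.push({ name, severity: 'review', reason: `version ${prev.version} -> ${entry.version}` });
    }
    if (prev.resolved && entry.resolved && hostOf(prev.resolved) !== hostOf(entry.resolved)) {
      findings.push({ name, severity: 'high', reason: `tarball host changed to ${hostOf(entry.resolved)}` });
    }
  }
  for (const path of Object.keys(before)) {
    if (path !== '' && !(path in after)) findings.push({ name: pkgName(path), severity: 'info', reason: 'removed' });
  }
  return findings;
}

const REG = 'https://registry.npmjs.org';   // constructed sample lockfiles follow
const OLD_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'app' },
  'node_modules/pkg-a': { version: '1.2.0', resolved: `${REG}/pkg-a/-/pkg-a-1.2.0.tgz`, integrity: 'sha512-AAAA' },
  'node_modules/pkg-b': { version: '4.0.1', resolved: `${REG}/pkg-b/-/pkg-b-4.0.1.tgz`, integrity: 'sha512-BBBB' },
  'node_modules/pkg-c': { version: '2.0.0', resolved: `${REG}/pkg-c/-/pkg-c-2.0.0.tgz`, integrity: 'sha512-CCCC' },
} };
const NEW_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'app' },
  'node_modules/pkg-a': { version: '1.2.0', resolved: `${REG}/pkg-a/-/pkg-a-1.2.0.tgz`, integrity: 'sha512-ZZZZ' },
  'node_modules/pkg-b': { version: '4.0.2', resolved: 'https://mirror.example.net/pkg-b-4.0.2.tgz', integrity: 'sha512-DDDD' },
  'node_modules/pkg-d': { version: '0.1.0', resolved: `${REG}/pkg-d/-/pkg-d-0.1.0.tgz`, integrity: 'sha512-EEEE' },
} };
for (const f of diffLockfiles(OLD_LOCK, NEW_LOCK)) console.log(`[${f.severity}] ${f.name}: ${f.reason}`);
```

Run it against the lockfile from the base branch and the one proposed in a pull request; a "high" finding (same version with a different hash, or a tarball served from a new host) is the case worth blocking on, while "review" entries are the normal version bumps that still deserve a look.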


This is an AI-generated summary. Read the original for the full story.