Nx Console Breach: VS Code Devs Hit by Credential Stealer

They say developers are paranoid. Turns out, they're right. A popular VS Code extension, Nx Console, just became the latest vector for a sophisticated credential stealer.

A screenshot of the VS Code editor with a warning symbol overlayed on the Nx Console extension icon.

Key Takeaways

  • Compromised Nx Console extension (version 18.95.0) in the VS Code Marketplace installed a credential stealer.
  • Attackers used stolen developer credentials to push an orphaned commit containing the malware into the Nx GitHub repository.
  • The malware harvests secrets from various sources, including 1Password, AWS, GitHub, and npm, and can publish signed malicious packages using Sigstore.

It happened fast. One minute, you’re coding. The next, your secrets are on their server. This wasn’t a subtle phishing email; this was a direct assault on the tools of the trade. Version 18.95.0 of rwl.angular-console, the Nx Console extension, landed on the VS Code Marketplace. Millions of installations. And within seconds of anyone opening a workspace, it sprang to life.

Silent, deadly, and utterly brazen. That’s the Nx Console attack. A 498 KB blob of obfuscated nastiness, pulled from a forgotten corner of the official Nx GitHub repo. This isn’t just some amateur hour script. This is a multi-stage credential stealer and supply chain poison. It slurps up your developer secrets, tosses them over HTTPS, the GitHub API, or even DNS tunneling. And if you’re on macOS, congratulations, you’ve got a new Python backdoor. It’s a dead drop for further commands, all disguised as innocent network traffic.

The Developer’s Compromise

How did this happen? Apparently, one of their own developers got popped. Their machine was compromised, GitHub creds leaked. So what do you do with stolen credentials? Push a sneaky, orphaned commit. No signature, no warning, just malware. The Nx team admits a “few users were compromised.” Few? That’s rich. When your tool is used by millions, “few” could still be a terrifying number.

This whole episode stinks of supply chain malfeasance. It’s the second time in under a year the Nx ecosystem has been hit. Last year, it was npm packages. Now, it’s the IDE itself. They’re coming for your code, and they’re using your trusted tools against you.

The Double-Edged Sword of Trust

What’s truly chilling is the Sigstore integration. The payload boasts Fulcio certificates and SLSA provenance. Combine that with stolen npm OIDC tokens, and suddenly, the attacker can publish signed malicious packages. Packages that look legitimate. Packages you might actually trust. This isn’t just stealing credentials; it’s about poisoning the well of trust for the entire open-source ecosystem. We’re talking about manufacturing verifiable, cryptographically signed malware. That’s a leap. A terrifying leap.

The Nx team has urged users to update to 18.100.0 or later. Good advice. But what about those who were already hit? They’ve published indicators of compromise. Look for files like ~/.local/share/kitty/cat.py or processes with __DAEMONIZED=1. If you find them, terminate, delete, and rotate everything. Passwords, API keys, SSH tokens. You name it.
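A defender-side triage check for the two indicators just listed, added here as an example and not the Nx team's own script: it looks for the named file under a home directory and, on Linux, for processes whose environment carries __DAEMONIZED=1, and only reports what it finds. The home-directory and proc-root arguments are this script's own additions so it can be run against a copied or constructed tree.

```shell
#!/bin/sh
# Added example, not the Nx team's own tooling: read-only triage for the two
# Nx Console indicators named above (the dropped file ~/.local/share/kitty/cat.py
# and processes carrying __DAEMONIZED=1). It only reports; terminating processes,
# deleting files and rotating secrets are left to the responder.

# Exit status 0 if the IoC file exists under the given home dir (default: $HOME).
ioc_file_present() {
    home="${1:-$HOME}"
    [ -e "$home/.local/share/kitty/cat.py" ]
}

# Scan <proc_root>/<pid>/environ (default /proc, so Linux only) for processes whose
# environment holds exactly __DAEMONIZED=1. Prints each matching PID; exit status 0
# if any were found, 1 otherwise. proc_root is a parameter so the scan can run
# against a copied or constructed tree. On macOS, where /proc is absent, inspect
# process environments with a native tool instead.
ioc_daemonized_pids() {
    proc_root="${1:-/proc}"
    found=1
    for envfile in "$proc_root"/[0-9]*/environ; do
        [ -r "$envfile" ] || continue
        pid="${envfile%/environ}"
        pid="${pid##*/}"
        # environ is NUL-separated; turn it into lines and look for an exact match
        if tr '\0' '\n' < "$envfile" 2>/dev/null | grep -qx '__DAEMONIZED=1'; then
            echo "$pid"
            found=0
        fi
    done
    return $found
}

# Summary for an interactive run; exit status 1 if any indicator was found.
scan_host() {
    status=0
    if ioc_file_present; then
        echo "IoC: $HOME/.local/share/kitty/cat.py present"; status=1
    fi
    pids=$(ioc_daemonized_pids) || true
    if [ -n "$pids" ]; then
        echo "IoC: processes with __DAEMONIZED=1:" $pids; status=1
    fi
    [ "$status" -eq 0 ] && echo "No Nx Console IoCs found"
    return "$status"
}

if [ "${1:-}" = "--scan" ]; then
    scan_host
fi
```

Run it as `sh nx-ioc-check.sh --scan`; a non-zero exit means at least one indicator was present and the rotate-everything advice above applies.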

“One capability that stands out: the payload contains full Sigstore integration, including Fulcio certificate issuance and SLSA provenance generation. Combined with stolen npm OIDC tokens, this means the attacker could publish downstream npm packages with valid, cryptographically signed provenance attestations, making the malicious packages appear as legitimate, verified builds.”

This entire saga is a stark reminder. Your IDE is no longer a sanctuary. It’s a potential battlefield. And the attackers are getting disturbingly good at disguising their weapons as tools we rely on every single day.

A Barrage of Malicious Packages

And if the Nx Console incident wasn’t enough, this news drops alongside a veritable flood of other malicious npm packages. We’ve got iceberg-javascript, supabase-javascript, auth-javascript – all dropping ELF binaries to steal credentials from Claude Code sessions. Then there’s noon-contracts, impersonating a Noon Protocol SDK to swipe SSH keys, crypto wallets, AWS creds, Kubernetes secrets, and everything in .env files. It’s a free-for-all.

We’re seeing trojanized forks like martinez-polygon-clipping-tony that pack a Windows RAT. There’s common-tg-service, designed to hijack Telegram accounts. Even exiouss is out there, sniffing out ChatGPT and OpenAI session cookies from Chrome, Edge, and Brave. The sheer volume and variety are staggering. The attack surface keeps expanding, and these supply chain attacks are becoming disturbingly sophisticated.

Frequently Asked Questions

What should I do if I had Nx Console version 18.95.0 installed?

Immediately update to version 18.100.0 or later. Then, follow the indicators of compromise provided by the Nx team. This involves terminating suspicious processes, deleting malicious files, and rotating all credentials accessible from your machine.

Is my data safe if I didn’t use Nx Console?

While the Nx Console incident specifically targeted users of that extension, the accompanying discoveries of numerous malicious npm packages mean your data could still be at risk if you’ve recently installed or updated other dependencies. It’s wise to audit your installed packages and maintain a high level of vigilance.

What is Sigstore and why is it being abused?

Sigstore is a project aiming to improve the security of open-source software supply chains. It provides tools for signing software artifacts and verifying their provenance. Attackers are abusing it by using stolen credentials to generate legitimate-looking signed attestations for their malicious code, making it harder to detect.

Written by
Threat Digest Editorial Team

Originally reported by The Hacker News