GHSA-CXM3-WV7P-598C
npm · nx, @nx/devkit, @nx/js, @nx/workspace, @nx/node, @nx/eslint
Summary
On August 26, 2025, attackers exploited a vulnerable GitHub Actions workflow (added Aug 21) susceptible to code injection via a crafted pull-request title to steal Nx's npm publishing token, then published malicious versions of nx (21.5.0, 20.9.0 and others) and several @nx plugins. The malware scanned the filesystem, collected credentials, npm/GitHub tokens, SSH keys and cryptocurrency wallets, and posted them to public GitHub repositories under victim accounts. Dubbed 's1ngularity', it was the first known supply chain attack to weaponize installed AI CLI tools (Claude, Gemini, q) for reconnaissance. The packages were live for about four hours and thousands of secrets were leaked.
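The injection class named in the summary (a pull-request title expanded into a workflow's shell script) can be audited for in your own repositories. The following is an added example, not code from the advisory or from Nx: the function name, the partial list of untrusted contexts, and both sample workflows are constructed for illustration and are not the Nx workflow.

```python
import re

# Assumption: a partial list of contexts an outside contributor controls.
UNTRUSTED = re.compile(
    r"\$\{\{\s*(github\.event\.(pull_request\.(title|body|head\.ref)"
    r"|issue\.(title|body)|comment\.body)|github\.head_ref)\s*\}\}"
)
RUN_KEY = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")

def find_injectable_runs(workflow_text):
    """Return (line_number, expression) for untrusted expressions inside run: scripts."""
    findings = []
    run_indent = None  # column of the current run: key; None when outside a script
    for num, line in enumerate(workflow_text.splitlines(), 1):
        m = RUN_KEY.match(line)
        if m:
            run_indent = len(m.group(1)) + len(m.group(2) or "")
            script = m.group(3)
        elif run_indent is not None and (
            not line.strip() or len(line) - len(line.lstrip()) > run_indent
        ):
            script = line  # continuation line of a block-scalar script
        else:
            run_indent = None  # left the script; env:/with: values are not shell text
            continue
        # Expressions are substituted before the shell starts, so the
        # attacker-controlled value becomes part of the script itself.
        findings.extend((num, hit.group(0)) for hit in UNTRUSTED.finditer(script))
    return findings

# Constructed sample: the title is pasted into the shell script.
VULNERABLE = """\
on: pull_request
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - name: Validate PR title
        run: |
          echo "Checking ${{ github.event.pull_request.title }}"
"""
# Constructed sample: the title reaches the script only as an environment variable.
HARDENED = VULNERABLE.replace(
    "        run: |\n", "        env:\n          PR_TITLE: "
    "${{ github.event.pull_request.title }}\n        run: |\n"
).replace('"Checking ${{ github.event.pull_request.title }}"', '"Checking $PR_TITLE"')

if __name__ == "__main__":
    print(find_injectable_runs(VULNERABLE), find_injectable_runs(HARDENED))
```

The scan is line-based and does not parse YAML, so treat a clean result as a first pass rather than proof that a workflow is safe.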
References
Related vulnerabilities
- CRITICAL GHSA-R253-R9JW-QG44
  Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args
- HIGH GHSA-7QW2-W5RC-37X2
  PraisonAI recipe workflow policy can be bypassed by declaring and YAML-approving dangerous tools outside TEMPLATE.yaml
- CRITICAL GHSA-P69M-4F92-2V84
  PraisonAI: Remote Code Execution via Sandbox Escape in `codeMode` Tool
- CRITICAL GHSA-FQ2M-6WQH-X44G
  PraisonAI: Jobs API exposes agent-execution endpoints with no authentication
- CRITICAL GHSA-365W-HQF6-VXFG
  Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution
- CRITICAL GHSA-QXJP-W3PJ-48M7
  Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API