Investigating The Nx "s1ngularity" Attack: What GitGuardian Uncovered And How You Can Stay Safe
Discover the chilling details of the Nx “s1ngularity” supply chain attack.
On August 26, 2025, the massively popular Nx npm package, with millions of weekly downloads, was compromised with credential‑harvesting malware.
Hear how GitGuardian’s cybersecurity researchers uncovered the way this malicious npm package was used to exfiltrate thousands of sensitive secrets (GitHub tokens, npm keys, SSH keys, and OpenAI and AWS credentials) via GitHub in double-base64-encoded “s1ngularity-repository” postings. The attack weaponized AI CLI tools like Claude and Gemini for reconnaissance and left over 1,300 repositories and 2,300+ secrets exposed, most of which were still valid at the time of discovery.
Finally, learn how to stay safe with the free service HasMySecretLeaked, which helps developers quickly detect and mitigate exposure. The incident is an urgent call to strengthen secrets management and DevSecOps practices.
Links:
https://blog.gitguardian.com/the-nx-s1ngularity-attack-inside-the-credential-leak/