In addition, she said, developers need tooling that checks whether what is published to npm actually matches what is in the source repository. “Not all software composition analysis tools do this,” Janca said, “so ask your vendor specifically whether the tool catches registry-to-repo mismatches.”
Finally, she advised, apply the principle of least privilege access to publishing tokens; scope them tightly, give them only the permissions they need for one specific package, and rotate them regularly — automatically, not manually.
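The registry-to-repo comparison described above, as an added example (not code from the article or from any tool it mentions). It assumes a package with no build step, so the published files should be byte-identical to the tagged source; the package name, file names and tarball are constructed sample data.

```python
import io
import json
import tarfile

INSTALL_HOOKS = ("preinstall", "install", "postinstall")  # npm install-time scripts

def tarball_files(tgz: bytes) -> dict:
    """Map path -> bytes for an npm tarball, dropping its top-level 'package/' dir."""
    files = {}
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        for member in tar.getmembers():
            if member.isfile():
                files[member.name.split("/", 1)[-1]] = tar.extractfile(member).read()
    return files

def compare(published: dict, repo: dict) -> dict:
    """Report files and install hooks in the registry artifact that the repo lacks."""
    extra = sorted(p for p in published if p not in repo)
    modified = sorted(p for p in published if p in repo and published[p] != repo[p])
    pub = json.loads(published.get("package.json", b"{}")).get("scripts", {})
    src = json.loads(repo.get("package.json", b"{}")).get("scripts", {})
    hooks = [h for h in INSTALL_HOOKS if h in pub and pub[h] != src.get(h)]
    return {"extra": extra, "modified": modified, "install_hooks": hooks}

def make_tgz(files: dict) -> bytes:
    """Build a constructed npm-style tarball in memory (sample data only)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo("package/" + name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

# Constructed sample data: repo at the release tag vs. what the registry serves.
BASE = {"name": "demo-pkg", "version": "1.0.0", "scripts": {"test": "node test.js"}}
TAMPERED = dict(BASE, scripts={"test": "node test.js", "postinstall": "node setup.js"})
REPO = {"package.json": json.dumps(BASE).encode(), "index.js": b"module.exports = 1;\n"}
PUBLISHED = {**REPO, "package.json": json.dumps(TAMPERED).encode(),
             "setup.js": b"// constructed placeholder\n"}

def run_sample() -> dict:
    return compare(tarball_files(make_tgz(PUBLISHED)), REPO)

if __name__ == "__main__":
    print(run_sample())
```

For packages that do have a build step, the comparison would have to run against a rebuild of the tagged source rather than the raw checkout.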
More than just credential theft
“People tend to think of this as a credential theft incident,” Janca said. “It is actually a potential complete organizational takeover, and it can unfold in stages. First, the attacker gets your secrets on install: AWS keys, GitHub tokens, SSH keys, database passwords, everything sitting in your environment or home directory. Second, if you have an npm publish token, the worm immediately uses it to inject itself into every package you can publish, which means your downstream users are now also victims. Third, those stolen cloud credentials get used to pivot into your infrastructure: spinning up resources, exfiltrating data, moving laterally across accounts. Fourth, your CI/CD pipelines, which trust your runners and service accounts implicitly, welcome the attacker’s malicious code into production.”



