
In recent weeks, a number of open-source developers have fallen victim to phishing attacks. As a result, malware infiltrated packages, some of which receive 30 million downloads per week.
Toptal
At the end of last week, security researchers at Socket reported the compromise of 10 npm packages belonging to Toptal, a platform that connects freelancers with companies and helps them find developers, designers, and finance experts. Toptal also maintains its own internal development tools and design systems, such as Picasso, which are published on GitHub and npm.
According to the researchers, on July 20, 2025, attackers compromised Toptal's GitHub organization and almost immediately made all 73 of the company's repositories public, exposing its private projects and source code.
The attackers then modified the Picasso source code on GitHub to include malware and published 10 malicious packages to npm, disguised as legitimate updates.
The malicious code injected into the packages collected GitHub authentication tokens and then wiped data from victims' systems. Specifically, the attackers modified the packages' package.json files to add two lifecycle scripts: a preinstall script that carried out the data theft and a postinstall script that carried out the host cleanup.
By the time the attack was discovered, the infected packages had been downloaded approximately 5,000 times.
The following packages have been subjected to malicious modifications:
- @toptal/picasso-tailwind (3.1.0)
- @toptal/picasso-charts (59.1.4)
- @toptal/picasso-shared (15.1.0)
- @toptal/picasso-provider (5.1.1)
- @toptal/picasso-select (4.2.2)
- @toptal/picasso-quote (2.1.7)
- @toptal/picasso-forms (73.3.2)
- @xene/core (0.4.1)
- @toptal/picasso-utils (3.2.0)
- @toptal/picasso-typography (4.1.4)
Toptal deprecated the malicious package versions on July 23 and restored the clean ones. However, the company made no official announcement and did not attempt to warn users who had downloaded the malicious versions about the risk.
The researchers note that it is still unclear exactly how the attack was carried out, or how the GitHub compromise and repository changes were connected to the publication of the packages on npm.
Other Hacks in Recent Weeks
The Toptal attack is the third open-source supply-chain incident in the last week and a half.
On July 19, it emerged that several popular JavaScript libraries had been compromised after their maintainers were hit by targeted phishing and credential theft.
In one attack, the npm package eslint-config-prettier, which has over 30 million downloads per week, was compromised. Its maintainer, JounQin, confirmed that he had fallen victim to a phishing attack after receiving an email purporting to come from support@npmjs.com. The link in the message led to the fraudulent domain npnjs[.]com, which the developer did not notice.
Other packages (eslint-plugin-prettier, synckit, @pkgr/core, and napi-postinstall) by this maintainer were also compromised.
As a result, the compromise affected:
- eslint-config-prettier (8.10.1, 9.1.1, 10.1.6, 10.1.7)
- eslint-plugin-prettier (4.2.2, 4.2.3)
- synckit (0.11.9)
- @pkgr/core (0.2.8)
- napi-postinstall (0.3.1)
- got-fetch (5.1.11, 5.1.12)
In this case, the attackers used stolen credentials to publish several versions of packages containing malicious code aimed at infecting machines running Windows.
In the malicious versions of the packages, the script install.js was configured to run immediately after installation. It contained a suspicious function, logDiskSpace(), which, contrary to its name, attempted to execute a node-gyp.dll file bundled in the package via the system process rundll32. This dropped the Scavenger stealer onto victims' systems.
VirusTotal scans flag this DLL as a trojan.
“The maintainer confirmed that their npm token was compromised through a phishing email, supposedly from npnjs[.]com. The attackers used the stolen credentials to publish malicious versions of several packages without affecting the repositories on GitHub, making the attack harder to detect,” explained Socket analysts.
Since Prettier and ESLint are used in thousands of projects, researchers warned that the consequences of this compromise could be devastating, as the malware injected into the packages is quite difficult to remove.
Shortly after this attack, developer Jordan Harband warned that the popular package “is,” which is downloaded more than 2.8 million times a week, had also been compromised. Versions 3.3.1 through 5.0.0 contained malware and were removed from npm approximately six hours after being published.
The is package is a lightweight JavaScript library that offers a wide range of functions for type checking and value validation. The library is actively used as a low-level dependency in development tools, testing libraries, build systems, as well as in backend and CLI projects.
This compromise was also the result of a successful phishing attack using the same npnjs[.]com domain. The maintainer's credentials were stolen in the same way, and modified, malicious versions of the package were then published.
Embedded in the code was a cross-platform JavaScript malware loader that opened a WebSocket-based backdoor on affected systems, enabling remote execution of arbitrary code.
“After activation, the malware accesses the os module in Node.js to gather the hostname, operating system and processor details, and extracts all environment variables from process.env,” explained Socket specialists. “It then dynamically imports the ws library to transmit this data via a WebSocket connection. Each message received through the socket is interpreted as executable JavaScript code, effectively providing the attacker with an instant interactive remote shell.”
Developers using any of the compromised packages listed above are advised to verify that none of the malicious versions are installed or shipped in their products.
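As an added example (not from the article or from Socket), the following Node.js check scans a parsed package-lock.json for the malicious versions listed in this article; the sample lockfile at the bottom is constructed.

```javascript
// Added example: scan a parsed package-lock.json ("packages" map, lockfileVersion 2/3)
// for the compromised versions named in this article. Names and versions are copied
// from the article; the sample lockfile at the bottom is constructed.
const COMPROMISED = {
  '@toptal/picasso-tailwind': ['3.1.0'],
  '@toptal/picasso-charts': ['59.1.4'],
  '@toptal/picasso-shared': ['15.1.0'],
  '@toptal/picasso-provider': ['5.1.1'],
  '@toptal/picasso-select': ['4.2.2'],
  '@toptal/picasso-quote': ['2.1.7'],
  '@toptal/picasso-forms': ['73.3.2'],
  '@xene/core': ['0.4.1'],
  '@toptal/picasso-utils': ['3.2.0'],
  '@toptal/picasso-typography': ['4.1.4'],
  'eslint-config-prettier': ['8.10.1', '9.1.1', '10.1.6', '10.1.7'],
  'eslint-plugin-prettier': ['4.2.2', '4.2.3'],
  synckit: ['0.11.9'],
  '@pkgr/core': ['0.2.8'],
  'napi-postinstall': ['0.3.1'],
  'got-fetch': ['5.1.11', '5.1.12'],
};
// Numeric x.y.z comparison; prerelease tags are not handled.
function cmpVersion(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] - pb[i];
  return 0;
}
function isCompromised(name, version) {
  // "is" 3.3.1 through 5.0.0 inclusive is a range, so it is compared numerically.
  if (name === 'is') return cmpVersion(version, '3.3.1') >= 0 && cmpVersion(version, '5.0.0') <= 0;
  return (COMPROMISED[name] || []).includes(version);
}
// Keys look like "node_modules/@scope/name" or, for nested deps,
// "node_modules/a/node_modules/b"; the package name follows the last "node_modules/".
function findCompromised(lock) {
  const hits = [];
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    const idx = key.lastIndexOf('node_modules/');
    if (idx === -1 || !meta.version) continue;
    const name = key.slice(idx + 'node_modules/'.length);
    if (isCompromised(name, meta.version)) hits.push({ path: key, name, version: meta.version });
  }
  return hits;
}
// Constructed sample: one direct hit, one clean entry, one nested hit inside the "is" range.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  'node_modules/eslint-config-prettier': { version: '10.1.7' },
  'node_modules/synckit': { version: '0.11.8' },
  'node_modules/some-tool/node_modules/is': { version: '4.0.0' },
} };
console.log(findCompromised(SAMPLE_LOCK));
```

For a real project, pass `JSON.parse(require('fs').readFileSync('package-lock.json', 'utf8'))` to findCompromised; lockfileVersion 1 files have no "packages" map and would need the older "dependencies" tree walked instead.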
