Coordinated Supply Chain Attack Exploits CI/CD Pipelines to Distribute Malware
A coordinated supply chain attack recently targeted two AsyncAPI GitHub repositories, leading to the distribution of malicious npm packages through their legitimate CI/CD pipelines. On July 14, 2026, several packages, including `@asyncapi/generator@3.3.1`, were published to npm containing an obfuscated dropper, which activated upon library loading rather than installation. Crucially, the attackers did not steal npm tokens; instead, they gained push access to the repositories' `next` and `master` branches, leveraging the projects' own GitHub Actions release workflows to publish the compromised versions. These malicious packages even carried valid npm OIDC provenance attestations, demonstrating that traditional security signals can be insufficient when the underlying code commit process is compromised.
This incident is highly significant for practitioners because it exposes a critical blind spot in modern CI/CD security. The attack bypassed common token-based defenses by exploiting direct repository access, turning trusted automation against itself. For developers and DevOps engineers, this means that securing the CI/CD pipeline is no longer just about protecting credentials or scanning artifacts; it extends to rigorously defending source code repository access and branch integrity. The fact that OIDC provenance, designed to verify the origin of published packages, was present on the malicious versions, indicates that the attack originated from within the trusted build environment itself, making detection significantly harder. This directly impacts any organization relying on automated release workflows and public package registries.
This event fits into a broader, well-established trend of increasing software supply chain attacks. Over the past few years, we've seen a shift from simple credential theft to more sophisticated methods, such as dependency confusion, typo-squatting, and now, direct CI/CD pipeline compromise. The rise of GitOps and automated deployments has made CI/CD pipelines central to software delivery, but also a prime target for attackers. Previous incidents, like the Codecov breach, demonstrated the impact of compromising CI/CD tools. This AsyncAPI attack further illustrates that even well-implemented security features like OIDC provenance can be circumvented if the initial access vector (repository push access) is exploited. The industry is grappling with how to build "zero-trust" principles into the software supply chain, extending trust verification beyond just the final artifact to every step of the development and delivery process.
In practice, this means organizations must immediately re-evaluate their branch protection rules and developer access controls, especially for branches that trigger automated releases. Implementing multi-factor authentication for all Git operations, even for non-default branches, becomes paramount. Furthermore, practitioners should consider enhanced scrutiny of commits, particularly those from new or less-frequent contributors, and implement automated tools that can detect anomalous changes in CI/CD configuration or build scripts. Adopting solutions that provide real-time monitoring of CI/CD activities and can identify unusual publishing patterns is crucial. Finally, a robust incident response plan specifically for supply chain compromises, including rapid package unpublishing and user notification, is essential to mitigate damage when such an attack inevitably occurs. The focus must shift from merely securing the pipeline's inputs and outputs to securing the pipeline's execution environment and the integrity of the code that feeds it.
Read original source