securityaffairs.com 7/15/2026, 12:37:01 PM · external

AsyncAPI npm breach spreads info stealing malware via IPFS

AsyncAPI npm breach spreads info stealing malware via IPFS
CyberSIXT Evidence Panel
Primary Source ox.security

A supply chain attack on AsyncAPI npm packages has been disclosed, affecting four packages with over 2 million weekly downloads. The malware, which includes capabilities for info-stealing, crypto-theft, and remote access, was injected into packages widely used by developers. This sophisticated attack utilizes IPFS and BitTorrent for resilient communication and self-propagation.

Researchers advise users of the compromised versions to revoke npm, PyPI, and Cargo tokens and monitor for unauthorized changes in their packages. The attackers embedded the malicious code in the main JavaScript files, bypassing npm's security measures.

View Primary Source Via securityaffairs.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline