Microsoft flags 14 npm typosquats stealing CI/CD secrets
The operational problem is install-time execution: a mistaken package name can become a cloud-credential incident before code ever runs.
TL;DR
Microsoft says a threat actor using the new npm maintainer alias vpmdhaj published 14 typosquatted packages on May 28, 2026, targeting OpenSearch, Elasticsearch, DevOps, and environment-configuration users. The packages ran during npm install and harvested AWS credentials, HashiCorp Vault tokens, GitHub Actions secrets, and npm publish tokens. Microsoft says the repositories and users were taken down, which fixes distribution but does nothing for the secrets already exposed.
Microsoft’s advisory is vendor threat intelligence, but the facts are specific enough for an operational read: 14 npm packages, one new maintainer alias, a four-hour publishing window, and payloads built to steal cloud and CI/CD credentials during install. The packages used typosquatted names, spoofed OpenSearch repository metadata, and inflated version numbers. The install-time execution is what matters: the victim never has to import the package in application code, because the install hook alone is enough.
For practitioners, the first move is boring and necessary: search package-lock files, npm cache, CI logs, developer workstations, and build runners for the named packages and maintainer indicators. If they appear, treat AWS keys, HashiCorp Vault tokens, GitHub Actions secrets, and npm publish tokens on that host as exposed. Removal from npm only closes the front door after the fact.
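The lockfile search described above, and the install-hook point made a paragraph earlier, as an added example that is not part of Microsoft's advisory or this article: a small Node.js audit of a package-lock.json (lockfile v2/v3) that flags blocklisted package names and any dependency npm marked as having an install-time script. The blocklist entry and the sample lockfile are constructed placeholders; the real package names and maintainer indicators come from the advisory.

```javascript
// Added example: audit an npm lockfile for blocklisted names and for
// packages that declare install-time lifecycle scripts. The blocklist and
// sample lockfile are constructed placeholders, not the advisory's indicators.
const BLOCKLIST = new Set(["example-typosquat-placeholder"]);
const LIFECYCLE_SCRIPTS = ["preinstall", "install", "postinstall"];

// Derive the package name from a lockfile v2/v3 "packages" key such as
// "node_modules/a/node_modules/@scope/b" -> "@scope/b".
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Walk the lockfile's "packages" map. npm sets hasInstallScript on entries
// whose package.json declares preinstall/install/postinstall, so install-time
// execution can be spotted without extracting every tarball.
function auditLockfile(lock, blocklist = BLOCKLIST) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // the root project entry, not a dependency
    const name = meta.name || nameFromPath(path);
    if (blocklist.has(name)) {
      findings.push({ name, version: meta.version, reason: "blocklisted-name" });
    }
    if (meta.hasInstallScript === true) {
      findings.push({ name, version: meta.version, reason: "install-script" });
    }
  }
  return findings;
}

// For an installed package's package.json, list the lifecycle scripts that
// would run during npm install, so a reviewer can read them before trusting them.
function installTimeScripts(manifest) {
  const scripts = manifest.scripts || {};
  return LIFECYCLE_SCRIPTS.filter((s) => typeof scripts[s] === "string");
}

// Constructed sample lockfile: one benign dependency and one placeholder
// typosquat with an inflated version and an install hook.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/example-typosquat-placeholder": { version: "99.0.0", hasInstallScript: true },
  },
};
```

Running auditLockfile against a real lockfile read with JSON.parse, and installTimeScripts against each flagged package's package.json under node_modules, gives the host-level triage list the paragraph above calls for.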
This is also part of a louder pattern, not an isolated npm oddity. CISA warned on May 28 that multiple campaigns were targeting developer ecosystems and CI/CD pipelines, including Nx Console and GitHub workflow compromises, and urged review of CI/CD logs, cloud audit trails, and developer machines (https://www.cisa.gov/news-events/alerts/2026/05/28/supply-chain-compromises-impact-nx-console-and-github-repositories). Microsoft has separately documented recent npm incidents involving @antv packages, dependency confusion, Axios, and @redhat-cloud-services packages. The common failure point is the same place compliance programs still tend to under-instrument: the build path where credentials, automation, and trust all meet.
Published · Deep Fathom