TL;DR: The s1ngularity attack on Nx used malicious npm packages to steal developer secrets, then abused installed AI tools to exfiltrate them into public GitHub repositories, showing how supply chain compromise now reaches the developer identity layer, according to Orca Security. Access review processes assume secrets persist long enough to be reviewed; in this case, exfiltration happened before defenders could even see the full blast radius.
NHIMG editorial — based on content published by Orca Security: s1ngularity supply chain attack analysis
By the numbers:
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes.
Questions worth separating out
Q: How should security teams handle exposed developer secrets after a supply chain attack?
A: They should assume the secrets are reusable until proven otherwise, revoke them immediately, and trace where they were accepted before the compromise was contained.
Q: Why do malicious npm packages create more risk than ordinary code defects?
A: A malicious package can execute in a trusted installation path and act with the privileges of the developer session, which makes it an identity compromise as much as a software one.
Q: What do organisations get wrong about AI developer tools and secret theft?
A: They often treat AI assistants as productivity tools instead of access-bearing systems.
Practitioner guidance
- Harden package-install execution paths: Block or alert on post-install scripts from newly published packages, especially in developer environments that reach cloud or source-control systems.
- Restrict AI tool permissions on developer endpoints: Remove permissive flags such as --dangerously-skip-permissions and audit any assistant configuration that can read local files, shells, or tokens without explicit approval.
- Rotate and revoke exposed developer secrets fast: Build a response path that revokes GitHub tokens, SSH keys, npm credentials, and any other bearer secrets as soon as endpoint compromise is suspected.
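A starting point for the first two items, as an added example that is not code from Orca Security or Nx: it lists lockfile entries that declare install scripts (the `hasInstallScript` field npm writes in `package-lock.json` lockfileVersion 2 and 3) and are not on an approved list, and it finds lines in a shell profile or tool configuration that pass `--dangerously-skip-permissions`. The function names, package names, the `example-ai-cli` command and the sample inputs are constructed for illustration.

```javascript
// Added example: helper names and sample data are hypothetical / constructed.
const RISKY_FLAG = "--dangerously-skip-permissions"; // flag named in the guidance above

// Return lockfile packages that declare install scripts and are not allowlisted.
function findInstallScriptPackages(lock, allowlist = new Set()) {
  const marker = "node_modules/";
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "" || !meta.hasInstallScript) continue; // "" is the root project
    // Nested and scoped paths: keep everything after the last node_modules/.
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    if (!allowlist.has(name)) findings.push({ name, version: meta.version, path });
  }
  return findings.sort((a, b) => a.path.localeCompare(b.path));
}

// Return 1-based numbers of non-comment lines that contain the risky flag.
function findRiskyFlagLines(text) {
  return text.split(/\r?\n/).flatMap((line, i) => {
    if (line.trim().startsWith("#")) return []; // ignore shell comment lines
    return line.includes(RISKY_FLAG) ? [i + 1] : [];
  });
}

// Constructed package-lock.json content (not taken from the incident).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/example-native-addon": { version: "0.0.1", hasInstallScript: true },
    "node_modules/@example/build-helper": { version: "0.0.2", hasInstallScript: true },
    "node_modules/example-util": { version: "0.0.3" },
    "node_modules/example-util/node_modules/example-nested": { version: "0.0.4", hasInstallScript: true },
  },
};

// Constructed shell profile content.
const sampleProfile = [
  "# note: never use --dangerously-skip-permissions",
  "export PATH=$PATH:~/bin",
  "alias assistant='example-ai-cli --dangerously-skip-permissions'",
].join("\n");

const approved = new Set(["example-native-addon"]); // reviewed and accepted
console.log(findInstallScriptPackages(sampleLock, approved));
console.log(findRiskyFlagLines(sampleProfile));
```

Findings from the lockfile check are candidates for review before install scripts are allowed to run, not proof of compromise.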
What's in the full article
Orca Security's full article covers the operational detail this post intentionally leaves for the source:
- The exact malicious Nx package versions and affected package names, useful for exposure checks in your environment.
- The post-install artefacts observed on endpoints, including shell profile changes and the inventory file pattern.
- The specific AI tool flags attackers abused, which helps teams build policy and detection rules around dangerous assistant modes.
- The vendor's incident-response guidance for removing malicious versions, clearing caches, and rotating credentials.
Nx s1ngularity and AI tool abuse: what IAM teams missed?