Inside the Nx "s1ngularity" Attack: How the Credential Leak Happened

Read full article here: https://blog.gitguardian.com/the-nx-s1ngularity-attack-inside-the-credential-leak/?utm_source=nhimg

On August 26, 2025, the popular build platform Nx was compromised by a sophisticated supply chain attack now dubbed the “s1ngularity” campaign. The malicious packages carried credential-harvesting malware that targeted developer environments at scale, exposing the fragility of secrets management in modern software pipelines.

Key Findings

• Comprehensive Credential Harvesting - The malware systematically scanned infected systems for GitHub tokens, npm keys, SSH private keys, API credentials, and even AI agent tokens from popular LLM tools like Claude, Gemini, and Q.

• Novel Exfiltration Method - Stolen credentials were double-base64 encoded and exfiltrated into public GitHub repositories using a consistent “s1ngularity-repository” naming convention.

• Multi-Phase Campaign:
  • Phase 1 – Credential collection and GitHub-based exfiltration.
  • Phase 2 – Attackers used stolen GitHub tokens to make private repositories public, exposing 82,901 secrets (11,168 valid).

• LLM Exploitation Attempt - Attackers experimented with leveraging LLM clients as secret enumerators, an emerging attack surface in AI-driven development.

• Developer Impact - 85% of victims ran macOS systems, aligning with Nx’s popularity in the developer ecosystem.

Why It Matters

The s1ngularity attack highlights a dangerous evolution in supply chain threats:

• GitHub as an exfiltration channel proved both effective and stealthy.
• Secrets persistence – even after repositories were deleted, many exposed credentials remained valid, leaving organizations vulnerable.
• AI tools as targets – attackers recognize that LLMs and AI agents now hold privileged access, making them a new identity risk frontier.

Defensive Actions

• Immediate Rotation - All secrets potentially stored or used with Nx versions 20.9.0–21.8.0 should be rotated.
• Proactive Scanning - GitGuardian’s S1ngularity Scanner and HasMySecretLeaked service provide developers with a way to identify exposed secrets and validate whether their credentials were compromised.
• Secrets Governance - Beyond deleting files, enterprises must automate rotation workflows, deploy honeytokens for early detection, and adopt continuous monitoring for non-human identities.

The Bigger Lesson

This attack underscores a fundamental truth: in the age of cloud-native software and AI-driven development, secrets are the currency of compromise. Protecting them requires more than vaults and rotations, it demands real-time identity governance, ephemeral access controls, and a security model that treats every machine, workload, and AI agent as a first-class identity.