TL;DR: npm supply-chain attacks exploit install-time trust to steal credentials from CI, developer, and Kubernetes environments, with malicious packages scanning for secrets in env vars, .npmrc files, kubeconfigs, and cached SDK tokens before exfiltrating them, according to Riptides. Persistent secrets, not the poisoned package itself, are what turn a supply-chain compromise into a full cloud breach.
NHIMG editorial — based on content published by Riptides: Growing Threat of npm Supply Chain Attacks and the Runtime Fix That Stops It
By the numbers:
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes, and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams prevent a malicious npm package from stealing cloud credentials?
A: Security teams should assume install-time code can read whatever the environment exposes and remove persistent secrets from build and runtime contexts.
Q: Why do supply-chain attacks become cloud breaches so quickly?
A: They become cloud breaches quickly because the initial compromise is often only the opening move.
Q: What breaks when secrets are stored in pods or build environments?
A: What breaks is the assumption that only trusted application code can see those secrets.
Practitioner guidance
- Remove persistent secrets from build and runtime environments: Stop placing long-lived API keys, cloud tokens, and database credentials in environment variables or pod files where third-party code can read them during install or execution.
- Bind credential delivery to workload identity: Deliver high-value secrets only to a verified process or workload identity, and use ephemeral delivery so a scanner in the same pod cannot inherit the secret.
- Harden CI and publish paths: Reduce runner privilege, restrict package publishing permissions, and monitor workflow changes so a compromised dependency cannot immediately pivot into registry or pipeline persistence.
What's in the full article
Riptides' full blog post covers the operational detail this post intentionally leaves for the source:
- A step-by-step demo of the poisoned npm payload scanning environment variables and exfiltrating keys.
- The exact just-in-time secret injection flow used to remove persistent credentials from the pod.
- Configuration details for binding secrets to workload identity in a Kubernetes-backed support assistant.
- The before-and-after behaviour showing how a compromised package loses its payoff when runtime secrets are absent.