
GitHub announced on Monday that it will change its authentication and publishing options in the "near future" in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack.
The changes address the threat posed by token abuse: local publishing will require two-factor authentication (2FA), granular tokens will be limited to a lifespan of 7 days, and trusted publishing will let maintainers publish npm packages directly from CI/CD workflows.
Beyond eliminating the need for npm tokens, trusted publishing establishes cryptographic trust by authenticating each publish with short-lived, workflow-specific credentials. More importantly, the npm CLI automatically generates and publishes provenance attestations for the package.
“All packages published via trusted publishing contain encrypted proofs of their sources and build environments,” Github said in late July 2025.
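As an added illustration (not from the article, and not GitHub's or npm's own documentation), the two GitHub Actions workflow fragments below contrast the legacy pattern with the one the changes above push maintainers toward: the first publishes with a long-lived npm token stored as a repository secret, the kind of credential a worm can steal and reuse; the second uses trusted publishing, where the job requests a short-lived OIDC identity token and npm publish runs with no stored token at all. The workflow names, tag pattern and Node version are placeholders, and the trusted publisher must first be registered for the package on npmjs.com, naming this repository and workflow file.

```yaml
# BEFORE (legacy pattern, assumed for illustration): a long-lived npm token
# lives in repository secrets. Anyone who exfiltrates NPM_TOKEN, e.g. malware
# running on a developer machine or CI runner, can publish to this package
# until the token is noticed and revoked.
name: publish-with-token
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '22'
          registry-url: 'https://registry.npmjs.org'
      - run: npm ci
      - run: npm publish --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}   # long-lived bearer secret
---
# AFTER: trusted publishing. No npm token is stored anywhere. The job asks
# GitHub for a short-lived OIDC identity token (id-token: write) and the npm
# CLI exchanges it for a publish credential bound to this workflow run, so
# there is nothing durable for a worm to harvest. The package's trusted
# publisher configuration on npmjs.com must name this repository and this
# workflow file.
name: publish-trusted
on:
  push:
    tags: ['v*']
permissions:
  contents: read
  id-token: write   # the only extra permission the OIDC exchange needs
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '22'
          registry-url: 'https://registry.npmjs.org'
      - run: npm install -g npm@latest   # trusted publishing needs a recent npm CLI
      - run: npm ci
      # No NODE_AUTH_TOKEN here; the provenance attestation is generated automatically.
      - run: npm publish --access public
```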

To support these changes, the Microsoft-owned company said it plans to take the following steps:
- Deprecate legacy classic tokens.
- Deprecate time-based one-time password (TOTP) 2FA and migrate users to FIDO-based 2FA.
- Limit granular tokens with publishing permissions to a shorter expiration.
- Set publishing access to disallow tokens by default, and promote trusted publishing or 2FA-enforced local publishing instead.
- Remove the option to bypass 2FA for local package publishing.
- Expand the providers eligible for trusted publishing.
The development came a week after a supply chain attack codenamed Shai-Hulud injected a self-replicating worm into hundreds of npm packages, scanning developer machines for sensitive secrets and sending them to attacker-controlled servers.
“By combining self-replication with the ability to steal multiple types of secrets (as well as npm tokens), the worm may have enabled endless attacks, but for timely action from GitHub and open source maintainers.”
npm Package Hides Its Payload in a QR Code
The disclosure comes as software supply chain security company Socket said it has identified a malicious npm package that harvests browser passwords using a novel steganographic technique. The package, fezbox, can no longer be downloaded from npm. Since it was first published on August 21, 2025, it has attracted a total of 476 downloads.
“This package allows the threat actor (npm alias Janedu, registration email Janedu0216@gmail[.]com) to run a payload hidden inside a QR code to steal username and password credentials from web cookies in the browser,” said security researcher Olivia Brown.

Fezbox presents itself as a JavaScript utility library of common helper functions. In reality, it contains hidden code that fetches a QR code from a remote URL, parses the QR code, and executes the JavaScript payload embedded in it.
The payload, for its part, reads document.cookie, extracts username and password values from the cookies, and sends them to an external server (“my-nest-app-production.up.railway[.]app”) via an HTTPS POST request.
“Most applications no longer store literal passwords in cookies, so it’s hard to say how successful this malware can be at achieving its goals,” Brown said. “However, using QR codes for further obfuscation is a creative twist by threat actors. This technique shows why, as threat actors continue to improve their obfuscation techniques, it is more important than ever to have dedicated tools to check your dependencies.”