Duplicate Advisory: Malicious versions of Nx were published

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-cxm3-wv7p-598c. This link is maintained to preserve external references. Original Description Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was...

CVE-2025-10894

Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...

Malicious code in @art-ws/di-node (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b394dcc54d336ef0ffabaf044cf0713eb4d4ffb075cc32163ad8d19967474aba Any computer that has this package installed or running should be considered fully compromised. All...

PT-2025-39354

Name of the Vulnerable Software and Affected Versions Nx affected versions not specified Description A malicious code insertion occurred within the Nx build system package and associated plugins, distributed through the npm software registry as part of a supply-chain attack. The compromised...

GHSA-9X7F-GWXQ-6F2C

creationtimestamp| type| source ---|---|--- 2024-02-01 22:06:52+00:00| seen| https://t.me/ctinow/177794 2025-03-25 20:45:26+00:00| seen| https://gist.github.com/FuzzysTodd/a25832bda87aee97912ff5c363392c03...