The Third NPM Hack: Why This One Changes Everything


A wave of three AI-driven NPM supply chain hacks has escalated the threat landscape, showing every developer and manager must act now.

There have been not one, not two, but three of the most chilling supply chain hacks in recent memory. And if you haven’t heard much about them yet, that’s the problem. Outside of a few security circles, the conversation has been oddly quiet. That silence should concern anyone who writes code, runs infrastructure, or frankly just touches the modern software stack. If you use NPM—and you almost certainly do—you need to pay attention.

The latest attack is not just big, it’s spreading. We’re talking tens of thousands of libraries compromised in short order. To drive the point home: Cloudflare was affected. Yes, Cloudflare—the very company that exists to help secure applications. That’s not a knock on them, it’s a reality check for all of us. Unless you’re sure you’re running a tighter ship than they are (and you’re not), your projects are vulnerable too.

This isn’t just another incident. It feels like a line crossing. These attacks are the first wave of AI-driven exploits I’ve seen in this space, and they’re going to keep coming. So the question is not “will this affect me?” It’s “what are we going to do about it?”

Three Hacks in 2025 That Should Have Everyone’s Hair on Fire

The first was the S1ngularity attack back in August. Attackers slipped malicious versions of Nx into NPM, using clever install scripts to raid developer machines for secrets. They specifically targeted AI developer tools, turning flags like --yolo into gateways for stealing GitHub tokens, SSH keys, and even crypto wallets. It was a direct exploitation of our growing reliance on generative AI tools—a canary in the coal mine.

Then came the Chalk/Debug hijack in early September. Maintainers were phished with AI-written emails that looked cleaner and more convincing than anything a spam filter has ever seen. Those compromised accounts pushed updates into chalk, debug, and related packages, quietly installing browser scripts to hijack blockchain transactions. These packages together rack up billions of downloads each week.

And now we have the Shai-Hulud worm, unleashed just days ago. It poisoned more than 180 packages and spread like wildfire, stealing secrets, pushing malicious versions, and even flipping private repos public. It was partly powered by stolen tokens from earlier AI-phishing attacks, a clear sign that each of these events builds on the last.

Each attack escalated in scale and sophistication. Taken together, they’re not random incidents. They’re a campaign.

What We Need to Do Now

The obvious advice is to rotate your credentials, clean your caches, and upgrade to patched versions. Do that today. But the bigger lesson is that our practices have to evolve fast.

We need to lock down our dependencies, not just let package updates slip in unnoticed. We need software composition analysis baked into our pipelines, not as an afterthought but as a daily safeguard. We need community-driven best practices that make secure development the default rather than a burden.

NOTE: This has to include build tools and the entire development environment, so put your CLI tools and CI/CD systems under the same scrutiny as your application code.
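
One way to check whether dependencies are actually locked, as an added example (not code from the original post): the function below flags floating version ranges in package.json and, in a version 2 or 3 package-lock.json, entries with no integrity hash, a non-registry source, or an install script of the kind the Nx compromise relied on. The sample packages, the allowScripts parameter and the rule names are assumptions made for illustration.

```javascript
// Added example. Package names, URLs and hashes below are constructed.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/; // exact version: no ^, ~, * or dist-tag
const REGISTRY = 'https://registry.npmjs.org/';

// pkg: parsed package.json; lock: parsed package-lock.json (lockfileVersion 2 or 3).
// allowScripts: packages whose install scripts were reviewed (hypothetical allowlist).
function auditDependencies(pkg, lock, allowScripts = []) {
  const findings = [];
  const add = (rule, name, detail) => findings.push({ rule, name, detail });
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, range] of Object.entries(pkg[field] || {})) {
      if (!EXACT.test(range)) add('floating-range', name, `${field}: ${range}`);
    }
  }
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace folders and their symlink entries.
    if (!path.includes('node_modules/') || entry.link) continue;
    const name = path.split('node_modules/').pop();
    // Bundled packages ship inside their parent's tarball and carry no hash of their own.
    if (!entry.integrity && !entry.inBundle) add('no-integrity', name, path);
    if (entry.resolved && !entry.resolved.startsWith(REGISTRY)) {
      add('non-registry-source', name, entry.resolved);
    }
    if (entry.hasInstallScript && !allowScripts.includes(name)) {
      add('install-script', name, `${name}@${entry.version}`);
    }
  }
  return findings;
}

// Constructed sample input.
const samplePkg = {
  dependencies: { 'left-lib': '^2.1.0', 'exact-lib': '1.4.2' },
  devDependencies: { 'build-tool': 'latest' },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/exact-lib': { version: '1.4.2', integrity: 'sha512-CONSTRUCTED',
      resolved: 'https://registry.npmjs.org/exact-lib/-/exact-lib-1.4.2.tgz' },
    'node_modules/build-tool': { version: '9.9.9', integrity: 'sha512-CONSTRUCTED', hasInstallScript: true,
      resolved: 'https://registry.npmjs.org/build-tool/-/build-tool-9.9.9.tgz' },
    'node_modules/left-lib': { version: '2.1.3',
      resolved: 'https://mirror.example.invalid/left-lib-2.1.3.tgz' },
  },
};
auditDependencies(samplePkg, sampleLock).forEach((f) => console.log(`${f.rule}\t${f.name}\t${f.detail}`));
```

In CI, pass it the two files parsed with JSON.parse and fail the build on any finding before running npm ci, which installs only what the lockfile records.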

And most importantly, we need to rethink the size of our attack surface. Every dependency we pull in is a trust relationship, and every one of those is now a potential weapon. The truth is, many of us are importing libraries to solve problems that could be handled with a few lines of our own code. This is where AI can actually help us—not by creating new vulnerabilities, but by giving us the confidence to reduce them.

Tools That Can Help

If you don’t have a good SCA tool in place, it’s time to choose one. Sonatype gives you the policy-driven guardrails enterprises need, complete with SBOM support. Snyk is a fast and approachable way to start scanning your npm projects. Mend.io takes an AI-assisted approach, helping prioritize the vulnerabilities that actually matter. None of them are perfect, but any of them is better than hoping you won’t get hit.

The Bigger Picture

We’re now in an era where attackers are using AI as fluently as developers are. That’s not a future scenario—it’s already here. And while the details of each exploit will fade from the headlines, the shift they represent won’t.

So if you’re a developer, ask yourself: are your dependencies locked? Are your pipelines scanning? Are your environments isolated? If you’re a manager, ask your teams the same questions. This isn’t a problem “for security” anymore. It’s a problem for all of us who build with code.

Because the supply chain is the code now.

If you’re not sure where your team stands on this, you’re not alone. These hacks show how complex the landscape has become. At Tech Tavern, I work with organizations to make security and resilience part of their everyday development practices. If you’d like to discuss how to navigate this new reality, I’d be glad to connect.