CISA Warns of Active Supply Chain Attacks Targeting GitHub Repositories and Nx Console

The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert, warning developers about multiple ongoing supply chain attacks targeting GitHub repositories and developer tooling. The attacks involve a compromised Nx Console Visual Studio Code extension and a separate campaign called Megalodon, both actively stealing credentials from CI/CD pipelines.

CISA Warns of Active Supply Chain Attacks Targeting GitHub Repositories and Nx Console

If your team uses Visual Studio Code extensions, GitHub Actions, or any automated build pipeline connected to cloud services, you need to review your environment immediately.

What Happened: Two Separate Attack Chains

CISA described two distinct but related supply chain intrusions hitting developer ecosystems at the same time.

The Nx Console VSCode Extension Compromise

Threat actors first compromised Nx developer systems. Using that access, they poisoned a third-party Visual Studio Code extension called Nx Console and pushed a malicious build, version 18.95.0, through VS Code’s automatic update mechanism.

Because VS Code updates extensions automatically in the background, developers who already had Nx Console installed received the malicious version without taking any manual action. The compromised extension then gave attackers access to a GitHub employee’s device, which they used to reach internal GitHub repositories and exfiltrate sensitive data.

CISA assigned CVE-2026-48027 to the malicious Nx Console version and added it to the Known Exploited Vulnerabilities (KEV) Catalog.

The Megalodon Campaign

In a separate but simultaneous campaign called Megalodon, attackers injected malicious GitHub Action workflows directly into public GitHub repositories. These workflows harvested CI/CD secrets, cloud credentials, and authentication tokens from both development and deployment pipelines.

CISA specifically flagged suspicious activity from automated accounts with names like build-bot, auto-ci, ci-bot, and pipeline-bot, particularly for unauthorized commits and pull requests made after May 18, 2026.

What the Attackers Stole

Both campaigns targeted the same categories of high-value credentials. If your pipelines or developer machines connected to any affected repositories, attackers may have obtained:

  • API keys and cloud provider credentials for Microsoft Azure, Amazon Web Services, and Google Cloud Platform
  • SSH keys
  • Docker, npm, PyPI, Vault, Terraform, and Kubernetes tokens
  • GitHub, GitLab, and Bitbucket tokens
  • Developer and pipeline secrets stored in CI/CD environments

Any credential that a build pipeline or developer machine could access during the period of compromise is at risk.

How to Check If You Are Affected

CISA recommends starting with a full forensics review before taking remediation steps. Specifically:

  • Review CI/CD logs for unusual job executions, unexpected secret access, or workflow file changes
  • Check cloud audit trails in Microsoft Azure, AWS, and GCP for unauthorized API calls or resource access
  • Inspect affected developer machines for signs of the malicious Nx Console extension (version 18.95.0)
  • Look for pull requests or direct commits from automated accounts, especially those created after May 18, 2026
  • Review workflow files for injected steps that access environment variables or make outbound connections

GitHub has released a security advisory covering the unauthorized repository access. Nx has published a postmortem on the Nx Console v18.95.0 compromise.

Immediate Actions CISA Recommends

1. Rotate and Revoke All Secrets

If your organization has any exposure to affected GitHub repositories or Nx Console, rotate and revoke credentials immediately. This includes:

  • All API keys for cloud services
  • Cloud provider credentials for AWS, GCP, and Microsoft Azure
  • SSH keys used by pipelines or developers
  • Docker, npm, PyPI, Vault, Terraform, and Kubernetes tokens
  • GitHub, GitLab, and Bitbucket tokens
  • Any secrets stored as environment variables in CI/CD systems

Do not simply regenerate secrets in the same location without first confirming the pipeline itself is clean. A compromised workflow can harvest newly rotated credentials just as easily as old ones.

2. Audit Workflow Files and Contributor Activity

Review all workflow files in your repositories for unauthorized changes. Pay close attention to:

  • Steps that access secrets or environment variables
  • Jobs that make outbound network requests to unexpected destinations
  • Workflow changes authored by automated accounts
  • Any commits made after May 18, 2026, from accounts you did not authorize

Revert any workflow changes you cannot verify as legitimate.

3. Notify Stakeholders

If your investigation confirms a breach, notify the appropriate stakeholders within your organization. This includes security teams, engineering leadership, and any customers or partners whose data may have passed through affected pipelines.

Best Practices for Package Repository Safety

Beyond responding to the immediate incident, CISA outlined standing best practices for using package repositories that every development team should follow.

  • Wait at least three hours before pulling a new package: When a malicious or tampered package appears in a registry, the security community typically identifies and flags it quickly. A three-hour delay gives that detection process time to work before your pipeline pulls the package automatically.
  • Pin software to specific trusted versions: Pinning prevents your build process from automatically pulling a newly published or updated package that has not been reviewed. Instead of pulling latest, specify an exact version number your team has validated.
  • Pull packages only from known and trusted sources: Attackers frequently create malicious forks of popular packages with similar names. Relying on verified, official registries and explicitly declaring your trusted sources reduces the risk of pulling a poisoned package.

Why Supply Chain Attacks Are Increasing

Supply chain attacks work because they exploit trust. Developers trust their tools, their extensions, and their package registries. CI/CD pipelines run with elevated permissions and access to production secrets precisely because they need that access to do their job.

Attackers have recognized that compromising a single widely used tool or extension gives them access to hundreds or thousands of downstream environments without ever directly attacking those targets. The Nx Console compromise reached a GitHub employee’s internal repositories through a VS Code extension update. That is one compromised tool, leading to one compromised device, leading to internal repository access at one of the world’s largest code hosting platforms.

Reviewing your extension list, auditing your workflow files, and rotating pipeline credentials regularly are now baseline security hygiene, not advanced precautions.

Related Cybersecurity Guides

Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

    Leave a Reply