TI Mindmap HUB
Threat Intelligence Report

Typosquatted npm packages used to steal cloud and CI/CD secrets

📅 May 29, 2026 📰 www.microsoft.com 🔍 0 CVE(s) referenced

A sophisticated supply chain attack leveraged typosquatted npm packages to stealthily steal cloud and CI/CD secrets—including AWS, HashiCorp Vault, GitHub Actions, and npm tokens—by abusing npm lifecycle hooks and the Bun runtime, enabling lateral movement and downstream supply chain compromise before takedown.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle