Threat Intelligence Report

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

📅 March 25, 2026 📰 thehackernews.com 🔍 0 CVE(s) referenced

UNC6426 exploited a compromised nx npm package and AI-assisted credential theft to escalate from a stolen GitHub token to full AWS administrator access, enabling data theft and destruction within just 72 hours.

news

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle