The s1ngularity Attack Affected 2,180 GitHub Accounts

Red Dog Security

09 Sep 2025 — 2 min read

Specialists from Wiz have published new details on the recent s1ngularity attack targeting the open-source build system NX. The incident exposed data from 2,180 GitHub accounts and compromised more than 7,200 repositories, making it one of the largest supply chain breaches seen this year.

What Is NX?

NX is a widely used open-source build platform, promoted as an “AI-powered build system that brings everything together—from your editor to your CI.” It is especially popular in large-scale enterprise JavaScript and TypeScript projects.

How the Attack Unfolded

At the end of August, attackers exploited a vulnerability in a GitHub Actions workflow within the NX repository. This flaw allowed them to publish a malicious npm package containing a script called telemetry.js, which executed after installation.

The malware was an infostealer designed to target Linux and macOS systems. Its primary goals were to collect:

GitHub and npm tokens
SSH keys
.env files
Cryptocurrency wallet data

The stolen information was uploaded to public GitHub repositories, each named with the prefix s1ngularity-repository (and variations such as s1ngularity-repository-0).

AI as a Weapon

A striking aspect of the attack was its use of AI command-line tools—including Claude, Google Gemini, and Amazon Q—as part of the exploitation chain. According to Wiz, this is the first documented case of AI being deliberately turned into a weapon in a supply chain attack.

The attackers leveraged AI to search for and extract sensitive credentials. They continuously refined their prompts with each iteration, improving the accuracy and success of the theft.

Timeline of the Breach

The NX team later published a root cause analysis, explaining that the breach originated from a vulnerable workflow that permitted executable code injection through a specially crafted pull request header. Wiz researchers outlined the attack in three phases:

Stage One (Aug. 26–27, 2025):
- Infected NX packages directly impacted 1,700 users.
- More than 2,000 unique secrets and 20,000 files were exfiltrated.
- At least three different payloads were injected.
- GitHub removed the attacker-created repositories within eight hours, though not before data was stolen.
Stage Two (Aug. 28–29, 2025):
- Attackers used stolen GitHub tokens to make 480 additional accounts public, most belonging to organizations.
- More than 6,700 private repositories were exposed.
- Repositories followed the naming pattern s1ngularity-repository-#5characters#.
Stage Three (Beginning Aug. 31, 2025):
- Hackers specifically targeted one unnamed organization.
- Using two compromised accounts, they made another 500 repositories public.
- These repos carried the suffix _bak and contained “s1ngularity” in their descriptions.

Ongoing Risks

Wiz notes that the actual number of affected users who downloaded the malicious NX package is likely far higher than the confirmed figures.

About 100 npm tokens (over 40% of those stolen in Stage One) remain active.
Roughly 5% of GitHub tokens compromised in the first phase are still active.

iCloud Calendar Is Being Exploited to Send Phishing Emails from Apple’s Servers

Invitations sent through iCloud Calendar are being weaponized to deliver phishing emails disguised as purchase notifications—sent directly from Apple’s own mail servers. This tactic significantly increases the chances of bypassing spam filters. A Familiar Scam with a New Twist According to Bleeping Computer, a reader recently shared a

Hacked npm Packages Downloaded More Than 2.6 Billion Times Weekly

Researchers are warning of what may be the largest supply chain attack in history. Attackers injected malware into several of the most widely used npm packages—collectively downloaded more than 2.6 billion times each week. The breach was made possible when hackers compromised a maintainer’s account through a

Google May Make AI Mode in Search Available by Default

Google is preparing to give users more control over its AI-powered search experience by allowing “AI mode” to be set as the default—potentially replacing traditional link-based results. What AI Mode Does AI mode is a version of Google Search that uses large language models (LLMs) to generate summaries of

Unpatched Vulnerability Found in TP-Link Routers

TP-Link has confirmed a previously unknown zero-day vulnerability affecting several of its router models. The company said it is investigating the issue and preparing security updates. Discovery and Technical Details The flaw was discovered by an independent researcher using the alias ByteRay, who first reported it to TP-Link on May