Summary
A malicious version of Nx Console, 18.95.0, was published at 2:36 PM CEST and removed soon after at 2:47 PM CEST, leaving it available for ~11 minutes. Indicators of compromise and remediation steps are below.
Indicators of Compromise
Based on reports from GitHub and Microsoft, very few users were compromised, but unfortunately the number was not zero. Please check immediately whether you were compromised by looking for the following indicators:
- Nx Console version 18.95.0 was installed during the exposure window
- Any of the following files exist on disk:
  - ~/.local/share/kitty/cat.py
  - ~/Library/LaunchAgents/com.user.kitty-monitor.plist
  - /var/tmp/.gh_update_state
  - /tmp/kitty-*
- Any of the following processes are running:
  - a python process running cat.py
  - a process with __DAEMONIZED=1 in its environment
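The following script is an added example, not part of the advisory: it checks a host for the file and process indicators listed above. The path parameters of check_ioc_files are an assumption made so the check can be pointed at another user's home or a mounted disk image; the process check uses ps and, on Linux, /proc/<pid>/environ.

```shell
# Added example (not from the advisory): scan a host for the on-disk and
# process indicators listed above. Run as root for a complete process view.
# check_ioc_files [home] [tmp] [var_tmp]: paths default to $HOME, /tmp and
# /var/tmp (parameters are an assumption for scanning other homes or images).
# Prints each indicator found; returns 1 if any was found, 0 if clean.
check_ioc_files() {
  home="${1:-$HOME}"; tmp="${2:-/tmp}"; vartmp="${3:-/var/tmp}"
  found=0
  # The last entry is a glob; with no match it stays literal and -e fails.
  for f in "$home/.local/share/kitty/cat.py" \
           "$home/Library/LaunchAgents/com.user.kitty-monitor.plist" \
           "$vartmp/.gh_update_state" \
           "$tmp"/kitty-*; do
    if [ -e "$f" ]; then
      echo "IOC: $f exists"
      found=1
    fi
  done
  return "$found"
}
# check_ioc_processes: flags a python interpreter running cat.py and, on
# Linux, any process whose environment (/proc/<pid>/environ) contains
# __DAEMONIZED=1. Only processes readable by the caller are inspected.
check_ioc_processes() {
  found=0
  pids=$(ps -eo pid=,args= 2>/dev/null \
         | awk '$2 ~ /python[0-9.]*$/ && /cat\.py/ { print $1 }' | tr '\n' ' ')
  if [ -n "$pids" ]; then
    echo "IOC: python process running cat.py, pid(s): $pids"
    found=1
  fi
  for env_file in /proc/[0-9]*/environ; do
    [ -r "$env_file" ] || continue
    if tr '\0' '\n' < "$env_file" 2>/dev/null | grep -qx '__DAEMONIZED=1'; then
      pid=${env_file#/proc/}; pid=${pid%/environ}
      echo "IOC: pid $pid has __DAEMONIZED=1 in its environment"
      found=1
    fi
  done
  return "$found"
}
# Full scan of the current host: sh nx_console_ioc_check.sh --scan
if [ "${1:-}" = "--scan" ]; then
  rc=0; check_ioc_files || rc=1; check_ioc_processes || rc=1
  [ "$rc" -eq 0 ] && echo "No Nx Console 18.95.0 indicators found"; exit "$rc"
fi
```

The installed-extension version is not checked here because the advisory does not name the extension's install path; confirm it in your editor's extension list.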
Remediation
If you were affected or suspect you may have been affected, immediately do ALL of the following:
- Update Nx Console to 18.100.0 or later. It is important that the malicious version is no longer running, as it starts the rest of the process.
- Kill any __DAEMONIZED and cat.py processes. It is important to kill these processes, as they actively try to exfiltrate credentials.
- Delete the persistence artifacts listed above. On macOS, the LaunchAgent must be unloaded before it is deleted, or it stays active in launchd: launchctl unload ~/Library/LaunchAgents/com.user.kitty-monitor.plist.
- Rotate every credential reachable from the machine — tokens, secrets, and SSH keys — and audit access logs for the affected accounts.
Targeted Credentials
The compromised extension fetched an obfuscated payload that harvested credentials from multiple sources on disk and in memory:
- Vault — ~/.vault-token, /etc/vault/token; Kubernetes and AWS IAM auth
- npm — .npmrc tokens and OIDC token exchange
- AWS — IMDS/ECS metadata, Secrets Manager, SSM, Web Identity tokens
- GitHub — ghp_/gho_/ghs_ tokens, Actions secrets, process memory
- 1Password — op CLI vault contents, if an op session was active
- Filesystem — private keys, connection strings, GCP/Docker credentials
Harvested data was exfiltrated via HTTPS, the GitHub API, and DNS. On Linux it also attempted sudoers injection for persistence.
Patches
Nx Console 18.100.0 is the patched release; all users should be on this version or later.
Root Cause
One of our developers was compromised in a recent security incident which leaked their GitHub credentials. These credentials have been temporarily revoked.
Actions Taken
Previously, a single member of our organization was able to release a new version of Nx Console without manual approval. To prevent this from happening in the future, we have hardened our Nx Console publishing pipeline so that two admins must manually approve each release. This is the same approval process already used for our other products, such as the Nx packages. It makes a malicious publish much less likely, since it would now have to pass manual approval by two admins who had both been compromised.
We are continuing to investigate this incident and will update here with any further information. We are also working with Microsoft and GitHub to investigate further.
References
Issue: #3139