Research · The Register
Additional malicious versions are still being published and flagged by the security shops
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
The compromised pgserve versions were initially published on April 21 at 22:14 UTC, followed by two more malicious releases of the same package later that day, according to StepSecurity.
Key facts
- The malware collects tokens, credentials, API and SSH keys, and other secrets for cloud services, CI/CD systems, registries, Kubernetes and Docker configurations, and LLM platforms
- Application security vendors Socket and StepSecurity say a self-propagating CanisterWorm-style malware strain hit multiple npm packages tied to Namastex Labs, an agentic AI company
- Specifically, the payload references a "TeamPCP/LiteLLM method" for .pth file injection
Summary
Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers' environments, and it shares significant overlap with the open source infections attributed to TeamPCP last month. Application security vendors Socket and StepSecurity say a self-propagating CanisterWorm-style malware strain hit multiple npm packages tied to Namastex Labs, an agentic AI company. / through 4.260421.39. Additional malicious versions are still being published and identified by the security shops, and as such the full scope of the supply chain attack remains under investigation.