Compromised Nx Console


Compromised Nx Console version 18.95.0 · Advisory · nrwl/nx-console · GitHub


Compromised Nx Console version 18.95.0

Critical

jaysoo published GHSA-c9j4-9m59-847w on May 18, 2026

Package

Nx Console (VSCode)

Affected versions

18.95.0

Patched versions

18.100.0

Description

Update (May 19 13:37 UTC): Updated the timeline of the compromised VSCode extension. Added information about OpenVSX.

Update (May 20 23:46 UTC): Updated details on scope of impact

Update (May 21 00:37 UTC): Added Tanstack compromise and GitHub CLI as the attack vector.

Summary

A malicious version of Nx Console 18.95.0 was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes).

Details on indications of being compromised and remediation are below.

Timeline

The Microsoft Marketplace timeline is as follows:

12:30 UTC Microsoft registers extension upload for 18.95.0

12:36 UTC Maintainer receives extension upload email

12:47 UTC Maintainer unpublishes extension

12:48 UTC Microsoft registers extension unpublish

For OpenVSX:

12:30 UTC Security scan started for 18.95.0

12:33 UTC Security scan completed and extension published

13:09 UTC Maintainer unpublishes extension

Indicators of Compromise

Please check immediately if you were compromised by looking for the following indicators:

Nx Console version 18.95.0 was installed during the exposure window

Any of the following files exist on disk:

~/.local/share/kitty/cat.py

~/Library/LaunchAgents/com.user.kitty-monitor.plist

/var/tmp/.gh_update_state

/tmp/kitty-* (any file matching this pattern)

Any of the following processes are running

a python process running cat.py

a process with __DAEMONIZED=1 in its environment

Remediation

If you were affected or suspect you may have been affected, immediately do ALL of the following:

Update Nx Console to 18.100.0 or later. It is important that the malicious version is no longer running, because the running extension is what launches the rest of the malicious process chain.

Kill any __DAEMONIZED and cat.py processes. It is important to kill these processes as they actively try to exfiltrate credentials.

Delete the persistence artifacts listed above. On macOS, the LaunchAgent must be unloaded before it is deleted, or it stays active in launchd: launchctl unload ~/Library/LaunchAgents/com.user.kitty-monitor.plist.

Rotate every credential reachable from the machine — tokens, secrets, and SSH keys — and audit access logs for the affected accounts.
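The indicator list and remediation steps above can be turned into a triage check. The following script is an added example, not part of the advisory or the nx-console project: it looks for the four file artifacts and the two process indicators and reports what it found. Path roots (`home`, `root`, `proc_root`) are parameters assumed here so the same check can run against a live host or a mounted image; the process scan reads the Linux procfs, so on macOS use `ps -E` for the environment check instead.

```python
"""Triage helper for the Nx Console 18.95.0 indicators of compromise (added example)."""
import os
from glob import glob
from pathlib import Path

# File IoCs from the advisory. `home` and `root` are parameters (an assumption made for
# this example) so the check can run on a live host or on a mounted disk image.
def find_ioc_files(home: str, root: str = "/") -> list[str]:
    home_p, root_p = Path(home), Path(root)
    fixed = [
        home_p / ".local/share/kitty/cat.py",
        home_p / "Library/LaunchAgents/com.user.kitty-monitor.plist",
        root_p / "var/tmp/.gh_update_state",
    ]
    found = [str(p) for p in fixed if p.exists()]
    found += sorted(glob(str(root_p / "tmp" / "kitty-*")))  # the /tmp/kitty-* wildcard
    return found

# Process IoCs. Reads Linux procfs; `proc_root` is parameterised so a captured copy of
# /proc can be scanned. Another user's environ is unreadable without root: that is skipped.
def find_ioc_processes(proc_root: str = "/proc") -> list[dict]:
    hits = []
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            argv = [a.decode(errors="replace")
                    for a in (entry / "cmdline").read_bytes().split(b"\0") if a]
            env = (entry / "environ").read_bytes().split(b"\0")
        except OSError:
            continue  # process exited between listing and reading, or not readable
        reasons = []
        if (argv and "python" in os.path.basename(argv[0])
                and any(a.endswith("cat.py") for a in argv[1:])):
            reasons.append("python running cat.py")
        if b"__DAEMONIZED=1" in env:
            reasons.append("__DAEMONIZED=1 in environment")
        if reasons:
            hits.append({"pid": int(entry.name), "argv": argv, "reasons": reasons})
    return sorted(hits, key=lambda h: h["pid"])

def triage(home: str, root: str = "/", proc_root: str = "/proc") -> dict:
    """Run both checks; 'compromised' is True if any indicator is present."""
    files, procs = find_ioc_files(home, root), find_ioc_processes(proc_root)
    return {"files": files, "processes": procs, "compromised": bool(files or procs)}

if __name__ == "__main__":
    result = triage(os.path.expanduser("~"))
    print(result)
    if result["compromised"]:  # remediation order from the advisory
        print("Update Nx Console to >= 18.100.0, kill the listed PIDs, unload and delete "
              "the artifacts (macOS: launchctl unload the plist first), rotate credentials.")
```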

Targeted Credentials

The compromised extension fetched an obfuscated payload that harvested credentials from multiple sources on disk and in memory:

Vault — ~/.vault-token, /etc/vault/token; Kubernetes and AWS IAM auth

npm — .npmrc tokens and OIDC token exchange

AWS — IMDS/ECS metadata, Secrets Manager, SSM, Web Identity tokens

GitHub — ghp_/gho_/ghs_ tokens, Actions secrets, process memory

1Password — op CLI vault contents, if an op session was active

Filesystem — private keys, connection strings, GCP/Docker credentials

Harvested data was exfiltrated via HTTPS, the GitHub API, and DNS. On Linux it also attempted sudoers injection for persistence.

Patches

Users need to be on Nx Console 18.100.0, the latest version, or any later release.

Root Cause

One of our developers was compromised by a recent supply-chain compromise on Tanstack, which leaked their GitHub credentials through the GitHub CLI (gh). This allowed the attacker to run workflows on our GitHub repository as a contributor.

Actions Taken

Previously a single member of our organization was able to release a new version of Nx Console without manual approval. To prevent this from happening in the future, we have hardened our Nx Console publishing pipeline such that two admins need to manually approve the release. This is the same approval process which is on our...
