RSS

Ongoing NPM supply chain attack uses binding.gyp to spread like a worm

varunsharma072 pts0 comments

Supply chain compromise: malicious binding.gyp worm harvests CI/CD secrets and injects into GitHub Actions workflows · Issue #975 · jagreehal/ai-sdk-ollama · GitHub

//voltron/issues_fragments/issue_layout" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

//voltron/issues_fragments/issue_layout;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

jagreehal

ai-sdk-ollama

Public

Notifications<br>You must be signed in to change notification settings

Fork

Star<br>117

Supply chain compromise: malicious binding.gyp worm harvests CI/CD secrets and injects into GitHub Actions workflows #975

New issue<br>Copy link

New issue<br>Copy link

Open

Open<br>Supply chain compromise: malicious binding.gyp worm harvests CI/CD secrets and injects into GitHub Actions workflows#975

Copy link

Description

rohan-stepsecurity<br>opened on Jun 4, 2026

Issue body actions

Summary

Packages published from this repository contain a malicious binding.gyp and index.js. Anyone running npm install or npm update against any version of the affected packages will trigger execution of the payload node-gyp's source expansion step runs node index.js, which downloads the Bun runtime, harvests credentials from the runner, and injects itself into GitHub Actions workflow files to spread further.

Affected Versions

Package<br>Compromised versions

ai-sdk-ollama<br>0.13.1, 1.1.1, 2.2.1, 3.8.5

Full details

For the complete analysis, kill chain, full IOC list, recovery steps for users and maintainers, and evidence from a detonation in an instrumented runner, see the StepSecurity write-up:

https://www.stepsecurity.io/blog/binding-gyp-npm-supply-chain-attack-spreads-like-worm

— StepSecurity Threat Intelligence team

Reactions are currently unavailable

Metadata<br>Metadata<br>Assignees

No one assigned

Labels

No labelsNo labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

You can’t perform that action at this time.

chain binding actions supply worm github

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Amazon, Facebook, FBI have access to a private intelligence-sharing network

root-parent18 ptsseattle prism shield network private intelligence

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.