Skip to content
supplychainattack.orgSupply chain attack incident catalog
containedcritical

Malware in setup-cicd

The npm package setup-cicd was found to contain malware, potentially giving outside entities full control of affected systems. Any computer with this package installed or running should be considered fully compromised.

ShareXLinkedInHacker News
Disclosed
Last updated
Blast radius
Any system with the package installed or running
Ecosystems
Attack vectors
Affected entities
  • setup-cicdnpm package containing malware

The npm package setup-cicd was identified as containing malware. According to the GitHub advisory (GHSA-5rc3-r829-w347), any computer that has this package installed or running should be considered fully compromised.\n\nThe advisory recommends that all secrets and keys stored on affected computers be rotated immediately from a different, uncompromised system. While the package should be removed, there is no guarantee that removal will eliminate all malicious software that may have been installed as a result of the initial compromise, given that the attacker may have gained full control of the system.\n\nThe package should be treated as a critical supply chain threat, particularly given its use in CI/CD environments where it may have access to build systems, deployment credentials, and source code repositories."

Indicators of compromise

Packages
  • setup-cicd

Remediation

  • Immediately remove the setup-cicd package from all systems
  • Rotate all secrets, API keys, and credentials that may have been exposed on affected systems from a clean, uncompromised computer
  • Audit all systems where setup-cicd was installed for signs of unauthorized access or additional malware
  • Review CI/CD pipeline logs and deployment history for suspicious activity
  • Consider the affected systems as potentially fully compromised and plan for complete rebuild if critical infrastructure
  • Notify all users and systems that may have been affected by the compromise

Sources

  1. GitHub Advisory GHSA-5rc3-r829-w347 · GitHub Advisory Database

Cite this entry

"Malware in setup-cicd." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 30, 2026; last updated June 30, 2026. https://supplychainattack.org/incident/malware-in-setup-cicd-19x4dr

Suggest a correction

Found an error or have a newer source? Corrections to factual errors take priority over new entries.

  1. containedhigh

    M-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions

    M-Red-Team compromised AsyncAPI npm packages via GitHub Actions, injecting malicious code into the supply chain. The attack leveraged build system access to distribute compromised packages to downstream consumers.

    M Red TeamnpmOtherCompromised packageBuild-system compromise
  2. activecritical

    Mass npm Supply Chain Attack: 20 Leo Platform Packages Compromised

    On June 24, 2026, an attacker published malicious versions of 20 npm packages belonging to the Leo Platform ecosystem in a coordinated attack. All packages contained an identical CI/CD attack toolkit designed to steal secrets from GitHub Actions runners, cloud credential stores, package registries, and password managers, then exfiltrate them via the victim's GitHub token.

    npmOtherCompromised package
  3. activecritical

    The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

    TeamPCP conducted a multi-ecosystem supply chain compromise targeting the @antv package and associated development infrastructure. The attack leveraged GitHub, NPM, and VSCode to steal credentials and establish persistence mechanisms.

    TeamPCPnpmOtherAccount takeoverCompromised packageMalicious maintainer
  4. activecritical

    Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem

    A new wave of the Mini Shai-Hulud worm has compromised multiple npm packages across Alibaba's AntV data visualization ecosystem, including echarts-for-react and timeago.js. Stolen CI/CD secrets are being exfiltrated and dumped to thousands of public GitHub repositories as the attack spreads.

    Mini Shai HuludnpmOtherCompromised packageAccount takeover