Malware in setup-cicd
The npm package setup-cicd was found to contain malware, potentially giving outside entities full control of affected systems. Any computer with this package installed or running should be considered fully compromised.
- Disclosed
- Last updated
- Blast radius
- Any system with the package installed or running
- Attack vectors
- Affected entities
- setup-cicdnpm package containing malware
The npm package setup-cicd was identified as containing malware. According to the GitHub advisory (GHSA-5rc3-r829-w347), any computer that has this package installed or running should be considered fully compromised.\n\nThe advisory recommends that all secrets and keys stored on affected computers be rotated immediately from a different, uncompromised system. While the package should be removed, there is no guarantee that removal will eliminate all malicious software that may have been installed as a result of the initial compromise, given that the attacker may have gained full control of the system.\n\nThe package should be treated as a critical supply chain threat, particularly given its use in CI/CD environments where it may have access to build systems, deployment credentials, and source code repositories."
Indicators of compromise
- Packages
- setup-cicd
Remediation
- Immediately remove the setup-cicd package from all systems
- Rotate all secrets, API keys, and credentials that may have been exposed on affected systems from a clean, uncompromised computer
- Audit all systems where setup-cicd was installed for signs of unauthorized access or additional malware
- Review CI/CD pipeline logs and deployment history for suspicious activity
- Consider the affected systems as potentially fully compromised and plan for complete rebuild if critical infrastructure
- Notify all users and systems that may have been affected by the compromise
Sources
- GitHub Advisory GHSA-5rc3-r829-w347 · GitHub Advisory Database
Cite this entry
"Malware in setup-cicd." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 30, 2026; last updated June 30, 2026. https://supplychainattack.org/incident/malware-in-setup-cicd-19x4dr
Suggest a correction
Found an error or have a newer source? Corrections to factual errors take priority over new entries.
Related incidents
- containedhigh
M-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions
M-Red-Team compromised AsyncAPI npm packages via GitHub Actions, injecting malicious code into the supply chain. The attack leveraged build system access to distribute compromised packages to downstream consumers.
M Red TeamnpmOtherCompromised packageBuild-system compromise - activecritical
Mass npm Supply Chain Attack: 20 Leo Platform Packages Compromised
On June 24, 2026, an attacker published malicious versions of 20 npm packages belonging to the Leo Platform ecosystem in a coordinated attack. All packages contained an identical CI/CD attack toolkit designed to steal secrets from GitHub Actions runners, cloud credential stores, package registries, and password managers, then exfiltrate them via the victim's GitHub token.
npmOtherCompromised package - activecritical
The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave
TeamPCP conducted a multi-ecosystem supply chain compromise targeting the @antv package and associated development infrastructure. The attack leveraged GitHub, NPM, and VSCode to steal credentials and establish persistence mechanisms.
TeamPCPnpmOtherAccount takeoverCompromised packageMalicious maintainer - activecritical
Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem
A new wave of the Mini Shai-Hulud worm has compromised multiple npm packages across Alibaba's AntV data visualization ecosystem, including echarts-for-react and timeago.js. Stolen CI/CD secrets are being exfiltrated and dumped to thousands of public GitHub repositories as the attack spreads.
Mini Shai HuludnpmOtherCompromised packageAccount takeover