Software supply chains have become an increasingly attractive target for attackers because a single compromise can ripple across countless development environments. Instead of breaking into individual organizations, threat actors are increasingly seeking access to the trusted infrastructure used to distribute software, allowing malicious code to spread through legitimate channels.
New research from Upwind offers another example of that shift. The cloud security company disclosed findings from an investigation into a coordinated attack that affected multiple official AsyncAPI npm packages, revealing compromises across repositories and publishing pipelines rather than a single isolated package.
An attack that reached beyond one repository
Upwind’s investigation found that the campaign impacted multiple components of the AsyncAPI ecosystem.
Researchers confirmed that attackers compromised two separate GitHub repositories while also identifying a second independent repository compromise. According to the company, the attackers targeted different release branches and abused different OpenID Connect (OIDC) publishing identities over a short period, demonstrating access to multiple publishing pipelines.
The activity suggests a coordinated operation aimed at the software release process itself instead of a one-time package compromise. By targeting trusted publishing infrastructure, attackers were able to distribute malicious code through official channels that developers would normally consider reliable.
Malicious code hidden in normal application behavior
One of the investigation’s key findings was the way the malicious code was executed. Rather than depending on familiar preinstall or postinstall scripts commonly associated with npm attacks, the attackers embedded code that executed during normal package imports or through alternative execution paths.
This approach allows malicious activity to occur during expected application behavior instead of package installation, making it more difficult for conventional security tools to identify suspicious actions.
Upwind also observed that the attackers varied their execution techniques throughout the campaign. Even as those methods changed, researchers found consistent use of the same infrastructure and malware patterns across the compromised repositories and publishing pipelines, indicating that the activity was part of a single coordinated effort.
Risks for development environments
Because the compromised packages were published through official channels, developers using routine dependency management practices could unknowingly introduce malicious code into their environments.
According to Upwind, the threat extends to both developer workstations and CI/CD environments where the affected packages were imported. Since the packages appeared legitimate, organizations may not immediately recognize that their development infrastructure has been exposed.
“This wasn’t just a malicious package -it was a compromise of trust,” said Amiram Shachar, CEO and Co-Founder of Upwind. “Multiple official AsyncAPI packages were published with backdoored code from separate repositories and publishing pipelines, showing that attackers are increasingly targeting the software release process itself.”
Reviewing the software supply chain
In response to its findings, Upwind recommends that organizations review their software supply chains and determine whether affected package versions were introduced into development environments.
The company advises security teams to verify the specific package versions currently in use, pin dependencies to trusted releases, and inspect recent dependency updates, lockfiles, and Software Bills of Materials (SBOMs) for unexpected changes.
Upwind also recommends treating developer workstations and CI/CD runners that imported the affected packages as potentially compromised. Credentials that were accessible from those systems should be rotated to reduce potential risk.
Visibility beyond package installation
The investigation highlights an important challenge for organizations securing modern development pipelines. As attackers continue targeting trusted publishing infrastructure, monitoring package installation alone may not provide enough visibility to identify malicious activity.
Upwind says organizations should complement traditional software supply chain protections with runtime visibility and continuous monitoring capable of detecting suspicious behavior during application execution.
As software development workflows become more automated and interconnected, understanding what packages do after they are imported is becoming an increasingly important part of defending the software supply chain.
The company said it continues to monitor the campaign while encouraging organizations to strengthen their software supply chain security practices against similar attacks.

