How the Attack on Multiple AsyncAPI npm Packages Reflects a New Software Supply Chain Threat, According to Upwind
The software supply chain depends on trust. Developers routinely download packages from official repositories with the expectation that they have been published through legitimate channels and have not been altered. When that trust is broken, the effects can extend far beyond a single application.
That is the central finding of a new investigation released by cloud security company Upwind. The company disclosed details of a coordinated software supply chain attack that affected multiple official AsyncAPI npm packages, uncovering evidence that attackers compromised more than one repository and gained access to multiple publishing pipelines.
Rather than describing a single package compromise, the investigation points to a broader effort aimed at the mechanisms responsible for releasing trusted software.
Looking beyond one compromised package
According to Upwind, the campaign affected multiple components of the AsyncAPI ecosystem.
Researchers determined that attackers had compromised two GitHub repositories and targeted different release branches during the operation. They also confirmed a second independent repository compromise, indicating that more than one publishing pipeline had been breached.
The investigation found that different OpenID Connect (OIDC) publishing identities were abused within a short period, reinforcing the conclusion that the activity was coordinated rather than the result of an isolated security incident.
By targeting several parts of the release infrastructure, the attackers demonstrated an approach that extends beyond compromising a single package or repository.
Changing the point of execution
The investigation also revealed that the attackers altered how the malicious code was executed.
Instead of relying on preinstall or postinstall scripts that activate while a package is being installed, the malicious code executed during normal package imports or through alternative execution paths. Because the activity occurred as part of expected application behavior, identifying malicious execution became more difficult for security tools that primarily monitor the installation process.
Researchers noted that the attackers employed multiple execution techniques throughout the campaign. Even so, they continued to reuse infrastructure and malware patterns across the compromised repositories and publishing pipelines, suggesting that the incidents were connected.
Why official publishing channels matter
One of the more concerning aspects of the investigation is that the affected packages were distributed through official publishing channels.
Organizations using standard dependency management practices could have imported the compromised packages without realizing they contained malicious code. According to Upwind, that exposure applies not only to developer workstations but also to CI/CD environments where the packages were used as part of routine software development.
“This wasn’t just a malicious package -it was a compromise of trust,” said Amiram Shachar, CEO and Co-Founder of Upwind. “Multiple official AsyncAPI packages were published with backdoored code from separate repositories and publishing pipelines, showing that attackers are increasingly targeting the software release process itself.”
The statement captures the broader implication of the investigation: the publishing infrastructure itself is becoming an increasingly valuable target for threat actors.
Recommended actions for organizations
Based on its findings, Upwind advises organizations to review their software supply chains and determine whether affected package versions entered their development environments.
The company recommends verifying the exact versions of packages currently in use, pinning dependencies to verified and trusted releases, and reviewing dependency updates, lockfiles, and Software Bills of Materials (SBOMs) for unexpected changes.
Organizations should also consider developer workstations and CI/CD runners that imported the affected packages as potentially compromised. Upwind further recommends rotating credentials that were accessible from those environments.
The role of runtime monitoring
The investigation concludes by highlighting the importance of visibility throughout the software development lifecycle.
As attackers move away from techniques that execute during installation and instead embed malicious behavior into normal application execution, security teams may need monitoring capabilities that extend beyond static code analysis and installation-time checks.
Upwind said it continues to monitor the campaign while encouraging organizations to strengthen their software supply chain security practices. The findings illustrate how attacks on trusted publishing infrastructure can affect development environments even when software appears to come from legitimate sources.


