Official SAP Npm Packages Compromised to Steal Credentials

BleepingComputer, Apr 29, 2026

Why It Matters

The compromised packages are foundational SAP development tools installed on enterprise engineers' workstations and CI runners, and the payload harvests the npm, GitHub, cloud and CI/CD credentials found there, so a single poisoned install can potentially hand attackers access to cloud environments and build pipelines. The incident underscores the growing risk of software‑supply‑chain compromise in the DevOps ecosystem.

Key Takeaways

  • Four SAP CAP npm packages were compromised with malicious preinstall scripts
  • Malware steals npm, GitHub, cloud, and CI/CD credentials from developers
  • Payload downloads Bun runtime, executes obfuscated JavaScript to exfiltrate data
  • Stolen tokens are encoded in GitHub commit message strings, used as a dead‑drop
  • Researchers link the supply‑chain breach to TeamPCP threat actors

Pulse Analysis

Supply‑chain attacks on package registries have become a focal point for attackers, and the recent compromise of SAP's official npm modules illustrates why. SAP's Cloud Application Programming Model (CAP) is widely adopted for building enterprise applications, and its npm packages are foundational building blocks. By inserting a malicious preinstall script, the threat actors abused npm's lifecycle‑script model, in which install hooks run automatically during npm install unless scripts are explicitly disabled, turning a trusted dependency into a delivery vehicle for malware. The tactic mirrors earlier incidents such as the Trivy and Bitwarden compromises, a pattern in which attackers target the trust chain of development tools rather than the end product itself.

The malicious code downloads the lightweight Bun JavaScript runtime and uses it to run a heavily obfuscated payload that scans both developer workstations and CI/CD runners for secrets. It harvests authentication tokens, SSH keys and cloud credentials, and it reads runner process memory to recover secrets that log masking would otherwise redact, since masking only scrubs job output, not the memory of the processes that hold the secrets. A notable aspect of this campaign is the use of GitHub commit messages as a dead‑drop, with stolen tokens encoded in specific strings for later retrieval. The stolen data is encrypted and pushed to newly created GitHub repositories under the victim's account, giving the attackers a persistent exfiltration channel that hides behind the victim's own legitimate credentials.

For enterprises, the incident is a reminder to enforce strict token hygiene and supply‑chain verification. Any workstation or runner that installed an affected version should be treated as compromised, with every credential reachable from it rotated. Organizations should verify package signatures and provenance attestations, disable lifecycle scripts on install where the build does not need them (npm's ignore‑scripts setting), issue tokens with least‑privilege scopes and short lifetimes, and alert on repository creation by service accounts or developer identities that do not normally create repositories. Continuous scanning of dependencies for unexpected install scripts, combined with runtime protection for CI environments, reduces exposure to similar attacks. As supply‑chain threats evolve, vendors such as SAP must harden their publishing pipelines, and developers must stay vigilant about the provenance of every third‑party component they integrate.
