Malicious npm package @acitons/artifact token-theft activity
Malware Activity
Summary
The @acitons/artifact npm package is a malicious typosquat that used a post-install hook to download and run malware, putting GitHub Actions build tokens at risk. It was aimed at GitHub-owned repositories and was built to collect workflow secrets during installation. Researchers also identified a second package, 8jfiesaf83, with similar functionality.
Related Happenings
GitHub npm v12 hardens install-time dependency execution and source resolution
Security Tool/Service
H score: 11
First: 10.06.2026 22:41
Last: 10.06.2026 22:41
Sources 1
About this happening:
**GitHub** is tightening **npm v12** next month by blocking automatic dependency install scripts and non-registry sources, reducing supply-chain attack paths triggered by **npm in...
Anthropic Claude Code GitHub Action bypass fix (v1.0.94)
Security Patch Release
H score: 43
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
Anthropic shipped **claude-code-action v1.0.94** to close a **trigger-check bypass** in **Claude Code GitHub Action**, reducing takeover risk for **public repositories** that run...
Claude Code GitHub Action bot trigger bypass security flaw
Vulnerability
H score: 31
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
**Anthropic's Claude Code GitHub Action** had a **trigger-check bypass** that let a malicious **GitHub issue** escalate into **repository takeover** for vulnerable public reposito...
Miasma GitHub and npm supply-chain campaign
Campaign
H score: 26
First: 02.06.2026 00:38
Last: 02.06.2026 00:38
Sources 1
About this happening:
The **Miasma** supply-chain campaign has expanded into a new **PyPI** branch called **Hades**, with **37 malicious wheel artifacts** across **19 packages**. The compromised releas...
Latest development: 05.06.2026 21:05
A new Miasma wave is linked to 57 compromised npm packages across more than 286 malicious versions, with malicious installs abusing a 157-byte binding.gyp file for code execution during npm install and then staging additional payloads that inject persistent backdoor files into project repositories and target AI-assisted IDE workflows.
Mouse5212-super-formatter postinstall GitHub exfiltration package
Malware Activity
H score: 22
First: 27.05.2026 18:44
Last: 27.05.2026 18:44
Sources 1
About this happening:
The **mouse5212-super-formatter** npm package is a **malicious infostealer** that can siphon files from **/mnt/user-data**, putting **Anthropic Claude** user data at risk of unaut...
Latest development: 29.05.2026 11:10
mouse5212-super-formatter leaked a hardcoded GitHub token, exposing the operator's credential and allowing about seven theft sessions to be observed in the attacker's GitHub repository; the malicious npm package recursively copied files from a victim machine, uploaded them through the GitHub Contents API, and was later removed from npm.
Timeline
- 11.11.2025 13:55 · 1 article · 7mo ago
@acitons/artifact first appears on npm
Untyped Phase
The malicious npm package @acitons/artifact was first uploaded to npm on October 29, 2025. It typosquatted @actions/artifact and was positioned to target GitHub-owned repositories through build-time package execution.
Sources:
- Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories — thehackernews.com — 11.11.2025 13:55
- 11.11.2025 13:55 · 2 articles · 7mo ago
Veracode analyzes malicious npm versions targeting GitHub
Technical Analysis Update
Veracode identified @acitons/artifact as a malicious npm typosquat of @actions/artifact aimed at GitHub-owned repositories. The analysis said six versions from 4.0.12 to 4.0.17 used a post-install hook to download and run malware, another package named 8jfiesaf83 had similar functionality, and the payload checked GITHUB_ variables before exfiltrating data to app.github[.]dev.
Sources:
- Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories — thehackernews.com — 11.11.2025 13:55