On August 26, 2025, the widely used build tool Nx was weaponized in a sophisticated supply chain attack that exfiltrated thousands of developer credentials.
Security researchers at GitGuardian uncovered the malicious campaign, dubbed “s1ngularity,” which infected popular Nx packages on npm with credential-harvesting malware.
https://cyberpress.org/nx-packages-compromised/