A suspicious npm package called “@acitons/artifact” was found impersonating the real “@actions/artifact” module. It was designed to target GitHub’s CI/CD workflows, mainly within GitHub Actions. The package was uploaded on November 7 and aimed to run during the build process of GitHub repositories. Once inside a build environment, it would capture available tokens and use them to publish harmful artifacts, effectively pretending to be GitHub itself.

What the Malicious Package Did

At first glance, “@acitons/artifact” looked like a normal package, with descriptions and URLs that mimicked the legitimate GitHub project. But hidden inside was a post-install script that downloaded and ran a confusing shell script called “harness.” This script had a built-in kill switch set to deactivate after November 6, 2025, probably to avoid detection over time. When activated, it fetched a JavaScript file named “verify.js,” which checked if the build environment belonged to GitHub. If it did, it would secretly steal GitHub Action tokens, which could then be used to impersonate GitHub and push malicious releases.

The Bigger Picture and How to Protect Yourself

This attack highlights a common issue called typosquatting, where bad actors create packages with similar names to legitimate ones. They wait for someone to accidentally install the malicious version. Attackers often use automated pipelines and short-lived payloads to blend in with normal activity. Because CI/CD pipelines run with high privileges, they are prime targets. If compromised, attackers can inject harmful code, sign fake releases, or push malicious artifacts that look genuine.

Experts recommend several ways to defend against these threats. Using short-lived, scoped tokens that rotate often can limit damage. Automated tools like Socket.dev or Phylum can scan for suspicious packages. Verifying package authenticity through checksums and standards like Sigstore also helps. If your team suspects a breach, it’s wise to search your code, lockfiles, caches, and registries for signs of the malicious package. Quarantining affected runners and rotating tokens are crucial steps in containment.

GitHub clarified that the packages used in this case were part of a controlled red team exercise, not an actual breach. They emphasized that their systems and data were never at risk. Still, this incident underscores how attackers exploit trust in software supply chains and the importance of vigilance in modern development workflows.

Inspired by

• https://www.infoworld.com/article/4088533/malicious-npm-package-sneaks-into-github-actions-builds-2.html

Sources

• gmpg.org
• csoonline.com
• veracode.com
• csoonline.com
• csoonline.com