The SentinelOne Annual Threat Report - A Defenders Guide from the FrontlinesThe SentinelOne Annual Threat ReportGet the Report
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2025-10894

CVE-2025-10894: Nx Build System Supply Chain Vulnerability

CVE-2025-10894 is a supply chain attack on the Nx build system where malicious code steals credentials and posts them to GitHub. This post covers technical details, affected versions, impact, and mitigation steps.

Published: March 11, 2026

CVE-2025-10894 Overview

CVE-2025-10894 is a critical supply chain attack targeting the Nx build system package and several related plugins distributed through the npm software registry. Malicious code was injected into the package, enabling attackers to compromise developer systems by scanning file systems, harvesting credentials, and exfiltrating them to GitHub repositories under victim user accounts. This type of attack represents one of the most dangerous vectors in modern software development, as it leverages trusted package management infrastructure to distribute malware to unsuspecting developers and organizations.

Critical Impact

This supply chain compromise enables attackers to steal credentials and sensitive data from developer machines, potentially leading to further downstream attacks on production systems and proprietary source code repositories.

Affected Products

  • Nx build system npm package (compromised versions)
  • Nx-related npm plugins (multiple packages affected)
  • Developer systems that installed compromised package versions

Discovery Timeline

  • 2025-09-24 - CVE CVE-2025-10894 published to NVD
  • 2025-09-26 - Last updated in NVD database

Technical Details for CVE-2025-10894

Vulnerability Analysis

This vulnerability (CWE-506: Embedded Malicious Code) represents a sophisticated supply chain attack where threat actors successfully compromised the Nx build system package distribution chain. The malicious payload was designed to operate silently during normal package installation and build processes, making detection particularly challenging for development teams.

The attack leveraged the trusted npm ecosystem to distribute malware to developers who installed or updated the Nx package. Once executed, the malicious code performs reconnaissance of the local file system, specifically targeting credential stores, configuration files, and authentication tokens commonly found in development environments.

Root Cause

The root cause is the insertion of embedded malicious code (CWE-506) into the Nx package prior to its publication on the npm registry. This indicates either a compromise of the package maintainer's publishing credentials, a breach of the build/release pipeline, or a sophisticated social engineering attack that allowed unauthorized modifications to the package source before distribution.

Attack Vector

The attack is network-based and requires user interaction in the form of installing or updating the compromised package. Once the malicious package is installed, the embedded code executes automatically as part of the normal package installation or build process. The malicious payload performs the following operations:

  1. File System Scanning: The code enumerates the local file system searching for sensitive files including SSH keys, AWS credentials, environment files, and other authentication tokens
  2. Credential Harvesting: Discovered credentials and sensitive data are collected and prepared for exfiltration
  3. Data Exfiltration: Harvested credentials are posted to GitHub repositories created under the victim's own GitHub account, leveraging existing Git credentials for authentication

This approach of using the victim's own GitHub account for exfiltration is particularly insidious, as it may evade network-based detection systems that whitelist GitHub traffic.

Detection Methods for CVE-2025-10894

Indicators of Compromise

  • Unexpected GitHub API calls or repository creation activity from build servers or developer workstations
  • Unauthorized file system access patterns targeting credential directories such as ~/.ssh, ~/.aws, and ~/.config
  • New or modified repositories in organizational GitHub accounts containing base64-encoded or obfuscated data
  • Unexpected network connections to GitHub during npm install or Nx build processes

Detection Strategies

  • Monitor npm package integrity using tools like npm audit and software composition analysis (SCA) solutions
  • Implement runtime monitoring on build servers to detect anomalous file system access and network activity
  • Review GitHub audit logs for unauthorized repository creation or unexpected API activity
  • Deploy endpoint detection and response (EDR) solutions capable of monitoring Node.js process behavior

Monitoring Recommendations

  • Enable comprehensive logging for npm install operations and build processes
  • Configure alerting for GitHub API activity originating from CI/CD systems and developer machines
  • Implement file integrity monitoring for sensitive credential directories
  • Utilize SentinelOne Singularity platform for real-time behavioral analysis of developer endpoints

How to Mitigate CVE-2025-10894

Immediate Actions Required

  • Audit all systems that may have installed the compromised Nx package versions and initiate incident response procedures
  • Rotate all credentials, API keys, SSH keys, and tokens that may have been exposed on affected systems
  • Review GitHub accounts associated with affected developers for unauthorized repositories or activity
  • Update to verified clean versions of the Nx package as indicated in the GitHub Security Advisory

Patch Information

Organizations should immediately verify their installed Nx package versions and update to patched releases. For detailed information on affected versions and remediation steps, consult the following resources:

  • GitHub Security Advisory GHSA-cxm3-wv7p-598c
  • Red Hat CVE Summary
  • Red Hat Supply Chain Advisory
  • Step Security Blog Post
  • Wiz Blog on Supply Chain Attack

Workarounds

  • Implement package pinning and lockfile verification to prevent automatic installation of compromised versions
  • Use npm's --ignore-scripts flag during installation to prevent automatic execution of package scripts while assessing risk
  • Deploy network segmentation to isolate build environments from sensitive credential stores
  • Consider using private npm registries with package verification and scanning capabilities
bash
# Verify package integrity and check for compromised versions
npm audit

# Lock package versions to prevent automatic updates
npm shrinkwrap

# Install with scripts disabled for investigation
npm install --ignore-scripts

# Check installed Nx version
npm list nx

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeRCE
  • Vendor/TechNx
  • SeverityCRITICAL
  • CVSS Score9.6
  • EPSS Probability0.08%
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityHigh
  • AvailabilityHigh
  • CWE References
  • CWE-506
  • Technical References
  • Red Hat CVE Summary
  • Red Hat Supply Chain Advisory
  • Red Hat Bug Report #2396282
  • GitHub Security Advisory
  • Step Security Blog Post
  • Wiz Blog on Supply Chain Attack
  • Related CVEs
  • CVE-2026-22923: Siemens NX PDF Export RCE Vulnerability
Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English