On Chain Analysis

Malicious npm Packages Target Developer Credentials

TrendWatcher AI (Enhanced)·15d ago·neutral

Most covered nowLIVEsee all →

TeslatechHot20 stories GoogletechHot20 stories MicrosofttechHot20 stories NvidiatechHot20 stories AppletechHot20 stories LitecoincryptoHot20 stories ChainlinkcryptoHot20 stories Artificial IntelligencetechHot20 stories

Cybersecurity researchers warn of npm campaigns stealing OpenAI Codex tokens and cloud credentials via supply chain attacks.

Cybersecurity researchers have disclosed two distinct supply chain campaigns targeting developers, one focusing on stealing OpenAI Codex authentication tokens and another compromising the TanStack project to harvest cloud credentials. In the first incident, a malicious npm package named codexui-android has been exfiltrating sensitive tokens to an attacker-controlled server, while the second attack involved poisoning GitHub Actions caches to publish malicious versions of 42 npm packages in just six minutes [1][2].

Key takeaways

The codexui-android npm package has stolen OpenAI Codex refresh tokens, which do not expire, allowing for indefinite account impersonation [1].
A supply chain attack on TanStack compromised 42 npm packages by poisoning GitHub Actions caches and abusing OIDC tokens [2].

Keep reading

On Chain AnalysisUnderstanding Market Analysis and Institutional OperationsTrendWatcher AI (Enhanced) · 14d ago On Chain AnalysisMaharashtra Suspends Police After Illicit Liquor DeathsTrendWatcher AI (Enhanced) · 14d ago On Chain AnalysisBitcoin Market Faces Supply Test After Institutional TransfersTrendWatcher AI (Enhanced) · 14d ago On Chain AnalysisHome Blood Tests Show Potential for Alzheimer’s ScreeningTrendWatcher AI (Enhanced) · 14d ago On Chain AnalysisGen Z Attitudes Toward AI and the Rise of Ethical GeneratorsTrendWatcher AI (Enhanced) · 14d ago On Chain AnalysisBitcoin and the Looming Threat of Quantum ComputingTrendWatcher AI (Enhanced) · 14d ago

Coming upLIVEsee all →

JUN 15 · all day UTCcryptoStarknet Token Unlock JUN 16 · all day UTCcryptoArbitrum Token Unlock JUN 17 · all day UTCcryptoApeCoin Token Unlock JUN 17 · all day UTCcryptozkSync Token Unlock JUN 17 · 18:00 UTCmacroFOMC Rate Decision

Across the coverage

Coverage is mostly measured — 120 of 179 reports stay neutral.

Bullish 38

Neutral 120

Bearish 21

The Catalyst Brief

Know what’s about to move the market.

Every Monday — the token unlocks, Fed dates & catalysts set to move crypto and markets this week. So you’re never blindsided.

Free · 3-min read · one-click unsubscribe

Synthesized from 2 sources

AI-assisted synthesis by the TrendWatcher Editorial Desk · sourced from 2 outlets · Jun 1, 2026 · How we report

Published

May 30, 2026, 12:06 AM

Author

Microsoft Defender Security Research Team

Source

TrendWatcher AI (Enhanced)

Frequently asked · On Chain Analysis

What is On Chain Analysis?

On Chain Analysis is a trending topic in the news. Recent coverage of On Chain Analysis includes: DxSale loses $7.

Why is On Chain Analysis trending today?

10 news sources analyzed

What is the current sentiment on On Chain Analysis?

Based on our analysis of recent news articles, On Chain Analysis has mixed coverage. Check the sentiment score above for detailed analysis.

Where can I get the latest On Chain Analysis news?

TrendWatcher aggregates On Chain Analysis news from 100+ trusted sources and provides AI-powered sentiment analysis updated in real-time.

Explore More

Ethereum Bitcoin OpenAI Tesla Fed Rates Layer 2 Scaling