Mandiant's Client and Nx: UNC6426 Turns NPM Supply‑Chain Breach Into Full AWS Admin Access

Sophisticated Supply-Chain Attack Grants UNC6426 Full AWS Control in Under 72 Hours

In August 2025, cybersecurity firm Mandiant uncovered a high-impact attack by the threat group UNC6426, which exploited a compromised NPM package to infiltrate and seize full control of a client’s AWS cloud environment in less than three days. The breach underscored the escalating risks of supply-chain attacks and misconfigured CI/CD pipelines, particularly those integrated with cloud identity management systems like OpenID Connect (OIDC).

Attack Breakdown

The intrusion followed a multi-phase approach, beginning with a supply-chain compromise and culminating in full AWS administrative access:

  1. Phase 1: Supply-Chain Infection
    On August 24, 2025, attackers injected malicious code (QUIETVAULT) into the Nx NPM package, a widely used JavaScript framework. The malware executed a postinstall script, stealing environment variables, system data, and GitHub Personal Access Tokens (PATs) upon installation or update.

  2. Phase 2: Initial Compromise via Corporate Endpoint
    A developer unknowingly triggered the malware by running an Nx Console update, which exfiltrated their GitHub PAT to a public repository. The attackers then used the token to access the victim’s GitHub environment, while the malware employed a Large Language Model (LLM) for system enumeration.

  3. Phase 3: Pivot to AWS via OIDC Exploitation
    Two days later, UNC6426 deployed NORDSTREAM, a tool designed to extract secrets from CI/CD pipelines. It uncovered a GitHub service account with an OIDC trust relationship to AWS, allowing the attackers to generate temporary AWS Security Token Service (STS) tokens and gain initial cloud access.

  4. Phase 4: Privilege Escalation via CloudFormation
    Leveraging a GitHub Actions CloudFormation role, the attackers deployed a new AWS Stack with overly permissive IAM policies, including the AdministratorAccess permission. This granted them full administrative control over the AWS environment.

  5. Phase 5: Data Exfiltration & Destruction
    With unrestricted access, UNC6426 enumerated S3 buckets, terminated EC2 and RDS instances, decrypted application keys, and exfiltrated intellectual property by making internal GitHub repositories public. The victim detected the breach three days after the initial compromise and contained the incident, though significant damage had already occurred.
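The OIDC trust relationship abused in Phase 3 lives on the AWS side as a role trust policy, and the conditions it carries decide which GitHub Actions workflows can mint STS credentials. The following audit is an added example, not code from the Mandiant report or the victim's configuration: it checks trust policies for the settings that make such a relationship overly permissive, using a constructed weak policy beside a hardened one. The account id, organisation and repository names are placeholders.

```python
import json
import re

GITHUB_OIDC = "token.actions.githubusercontent.com"

def make_trust_policy(condition: dict) -> str:
    """Role trust policy for the GitHub Actions OIDC provider; account id is a placeholder."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::123456789012:oidc-provider/{GITHUB_OIDC}"},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": condition,
        }],
    })

# Constructed samples. Weak: any repository on github.com can assume this role.
# Hardened: audience pinned to STS and sub pinned to one repository and one branch.
WEAK_TRUST_POLICY = make_trust_policy({"StringLike": {f"{GITHUB_OIDC}:sub": "repo:*"}})
HARDENED_TRUST_POLICY = make_trust_policy({
    "StringEquals": {f"{GITHUB_OIDC}:aud": "sts.amazonaws.com"},
    "StringLike": {f"{GITHUB_OIDC}:sub": "repo:example-org/example-repo:ref:refs/heads/main"},
})

def audit_github_oidc_trust(policy_json: str) -> list:
    """Findings for every Allow statement that lets a GitHub Actions workflow assume the role."""
    findings = []
    statements = json.loads(policy_json).get("Statement", [])
    for stmt in (statements if isinstance(statements, list) else [statements]):
        federated = str(stmt.get("Principal", {}).get("Federated", ""))
        if stmt.get("Effect") != "Allow" or GITHUB_OIDC not in federated:
            continue
        # IAM condition keys are case-insensitive: fold every operator into one claim map
        claims = {}
        for values in stmt.get("Condition", {}).values():
            for key, val in values.items():
                claims.setdefault(key.lower(), []).extend(val if isinstance(val, list) else [val])
        if claims.get(f"{GITHUB_OIDC}:aud") != ["sts.amazonaws.com"]:
            findings.append("aud claim not pinned to sts.amazonaws.com")
        subs = claims.get(f"{GITHUB_OIDC}:sub", [])
        if not subs:
            findings.append("no sub condition: any GitHub repository can assume this role")
        for sub in subs:
            m = re.fullmatch(r"repo:([^:]+):(.*)", sub)
            if not m or "*" in m.group(1):
                findings.append(f"sub '{sub}' is not pinned to a single repository")
            elif m.group(2) in ("", "*"):
                findings.append(f"sub '{sub}' allows any branch, tag or environment of the repo")
    return findings
```

Run `audit_github_oidc_trust` over the trust policy of every role that a CI pipeline can assume; a clean result still leaves the question of what the role's permission policy allows, which is what Phase 4 exploited.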

Key Takeaways

The attack highlights critical vulnerabilities in CI/CD security, particularly the risks of overly permissive OIDC trust relationships and unsecured supply-chain dependencies. While the victim mitigated the breach, the incident demonstrates how automated pipelines designed for efficiency can become high-value attack vectors when misconfigured or exploited.

Source: https://cyberpress.org/unc6426-exploits-npm-to-aws/

Nx cybersecurity rating report: https://www.rankiteo.com/company/nx

Palo Alto Networks Unit 42 cybersecurity rating report: https://www.rankiteo.com/company/unit42

"id": "NXUNI1773303902",
"linkid": "nx, unit42",
"type": "Cyber Attack",
"date": "8/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'type': 'Corporation'}],
 'attack_vector': ['Compromised NPM package',
                   'Misconfigured CI/CD pipeline',
                   'OIDC exploitation'],
 'data_breach': {'data_encryption': 'Decrypted application keys',
                 'data_exfiltration': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Intellectual property',
                                              'Application keys',
                                              'GitHub repository data',
                                              'S3 bucket data']},
 'date_detected': '2025-08-27',
 'description': 'In August 2025, cybersecurity firm Mandiant uncovered a '
                'high-impact attack by the threat group UNC6426, which '
                'exploited a compromised NPM package to infiltrate and seize '
                'full control of a client’s AWS cloud environment in less than '
                'three days. The breach underscored the escalating risks of '
                'supply-chain attacks and misconfigured CI/CD pipelines, '
                'particularly those integrated with cloud identity management '
                'systems like OpenID Connect (OIDC).',
 'impact': {'data_compromised': 'Intellectual property, application keys, S3 '
                                'bucket data, GitHub repository data',
            'operational_impact': 'Termination of EC2 and RDS instances, '
                                  'decryption of application keys, public '
                                  'exposure of internal GitHub repositories',
            'systems_affected': ['AWS cloud environment',
                                 'GitHub environment',
                                 'CI/CD pipelines']},
 'initial_access_broker': {'entry_point': 'Compromised NPM package (Nx)',
                           'high_value_targets': ['AWS cloud environment',
                                                  'GitHub environment']},
 'lessons_learned': 'The attack highlights critical vulnerabilities in CI/CD '
                    'security, particularly the risks of overly permissive '
                    'OIDC trust relationships and unsecured supply-chain '
                    'dependencies. Automated pipelines designed for efficiency '
                    'can become high-value attack vectors when misconfigured '
                    'or exploited.',
 'motivation': ['Data exfiltration',
                'Intellectual property theft',
                'Disruption of services'],
 'post_incident_analysis': {'root_causes': ['Compromised NPM package',
                                            'Misconfigured OIDC trust '
                                            'relationships',
                                            'Overly permissive IAM policies']},
 'references': [{'source': 'Mandiant'}],
 'response': {'containment_measures': 'Incident detection and containment '
                                      'three days after initial compromise',
              'third_party_assistance': 'Mandiant'},
 'threat_actor': 'UNC6426',
 'title': 'Sophisticated Supply-Chain Attack Grants UNC6426 Full AWS Control '
          'in Under 72 Hours',
 'type': 'Supply-Chain Attack',
 'vulnerability_exploited': ['Overly permissive IAM policies',
                             'Unsecured GitHub Personal Access Tokens (PATs)',
                             'Misconfigured OIDC trust relationships']}