Neutralinojs

Summary

The Neutralinojs security incident, discovered on March 2, 2026, began when a former contributor's GitHub account was compromised. The attacker used the account's still-active write permissions to force-push malicious JavaScript code across four core repositories. The injected code was limited to selected files, such as test scripts, CLI components, and site configurations, so it posed a risk only to users who pulled and executed the repositories between March 2 and March 5; official releases and NPM packages remained unaffected, which limited the broader impact. In response, the maintainers revoked access tokens, removed the compromised permissions, deleted the malicious commits, and conducted a full audit. The incident highlights the risk of stale access controls and is a classic example of an open-source supply chain attack.

Reports