441 points longcat | 2 comments
echelon ◴[] No.45039034[source]
Google and Anthropic: this is a SEV0.

Assemble your teams and immediately do the following:

1. Issue a public statement that you are aware of this issue and are tracking it

2. Begin monitoring your analytics to see which customers are impacted and shut down their access

3. Reach out to impacted customers and let them know you'll be preparing a list of next steps for them.

4. Monitor for a wider blast radius or larger attack surface area

5. Notify internal teams of broader security efforts as a result of this

6. After this cools down, hold internal and public postmortems.

Do this now.

Edit: -4 and flagged. I give up.

replies(4): >>45039077 #>>45039100 #>>45039132 #>>45039150 #
octo888 ◴[] No.45039132[source]
A single top-level comment would suffice. No need to reply to various comments with the same kind of message
replies(1): >>45039405 #
1. echelon ◴[] No.45039405[source]
My first two comments in this thread were my initial reaction to what was happening.

I made the above, longer-form post to hopefully grab the attention of Google and Anthropic folks. My top-level posts always fall to the very bottom of the page.

Google and Anthropic need to be tracking this.

replies(1): >>45039784 #
2. arcfour ◴[] No.45039784[source]
Don't forget to file a bug report with the maintainers of Python, Bash, Node, Perl, Ruby, etc. that their interpreters can be used maliciously if given malicious code to execute.
replies(1): >>45039944 #