Supply chain: npm, composer, pip — when your dependencies are the attack

Published on 2026-04-13, 8 min read, by Florian

Your code is only a fraction of your application

A modern application contains 80 to 95% third-party code via its dependencies. A typical Node.js project installs hundreds of transitive packages. Each one is a potential attack vector. Supply chain attacks target this weak link: rather than attacking your code, the attacker compromises a dependency you willingly install.

Typosquatting

The attacker publishes a package whose name resembles a popular one: lodassh instead of lodash, reqeusts instead of requests. A typo in package.json or requirements.txt installs the malicious package.

Real cases: in 2022, npm packages like ua-parser-jss and colors-2 trapped thousands of developers. In Python, python3-dateutil (with an extra hyphen) contained malicious code.

Protection: always verify the exact package name. Use npm audit, pip-audit, or composer audit to detect suspicious packages.

Dependency confusion

Your organization uses a private registry for internal packages. The attacker publishes a package with the same name on the public registry (npmjs.com, PyPI) with a higher version number. The package manager resolves to the newer public version.

Real case: in 2021, researcher Alex Birsan demonstrated this attack against Apple, Microsoft, and others by publishing packages on npm with the names of their internal packages.

Protection: configure package scoping (@company/package on npm), use namespaces on PyPI, and configure your package manager to prohibit resolution to the public registry for internal packages.

Maintainer compromise

A legitimate maintainer of a popular package is compromised (phishing, credential stuffing) or sells their access. The package is updated with malicious code that executes at installation (postinstall on npm) or at import.

Real cases:

  • event-stream (2018): a new maintainer added a malicious dependency targeting Bitcoin wallets
  • xz-utils (2024): a patient contributor earned the maintainer's trust over two years before introducing a backdoor into the compression library used by SSH
  • ua-parser-js (2021): the maintainer's npm account was compromised and the package (7M downloads/week) was updated with a cryptominer

Installation scripts

npm's preinstall and postinstall scripts run with the same permissions as the user running npm install. A malicious package can exfiltrate environment variables (CI/CD tokens, API keys), modify other project files, or install backdoors.

Protection: use --ignore-scripts for untrusted installations. Configure .npmrc with ignore-scripts=true and only enable scripts for packages that genuinely need them.

Lockfiles and integrity

The package-lock.json, composer.lock, or poetry.lock ensures installation reproducibility. But if the lockfile is modified (by a malicious PR or a registry compromise), integrity is lost.

Protection:

  • Always commit your lockfiles
  • Use npm ci (not npm install) in CI/CD to strictly follow the lockfile
  • Verify integrity hashes (integrity in package-lock.json)
  • Review lockfile changes in pull requests
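
A CI-side check that supports the lockfile review above by flagging entries with an unexpected registry source, a missing sha512 integrity hash, or install scripts. This is an added example, not code from the article; the registry URLs, the policy and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example: policy checks over a package-lock.json (lockfileVersion 2 or 3).
// Assumptions (not from the article): the registry URLs and the policy itself.
const PUBLIC_REGISTRY = "https://registry.npmjs.org/";
const PRIVATE_REGISTRY = "https://npm.company.example/"; // constructed placeholder
const INTERNAL_SCOPE = "@company/"; // scope from the article's @company/package example

function auditLockfile(lock) {
  const findings = [];
  for (const [path, pkg] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace folders, symlinks and bundled deps:
    // none of these carry their own resolved/integrity fields.
    if (!path.includes("node_modules/") || pkg.link || pkg.inBundle) continue;
    const marker = "node_modules/";
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    const flag = (issue) => findings.push({ name, issue });

    const resolved = pkg.resolved || "";
    if (name.startsWith(INTERNAL_SCOPE)) {
      // Dependency confusion: an internal name must never come from the public registry.
      if (!resolved.startsWith(PRIVATE_REGISTRY)) flag("internal package not from private registry");
    } else if (!resolved.startsWith(PUBLIC_REGISTRY)) {
      flag("unexpected resolved URL");
    }
    // A missing or sha1-only hash means the tarball is not pinned by a strong digest.
    if (!/(^|\s)sha512-/.test(pkg.integrity || "")) flag("no sha512 integrity hash");
    // npm records this flag when the package declares pre/post/install scripts.
    if (pkg.hasInstallScript) flag("declares install scripts");
  }
  return findings;
}

// Constructed sample lockfile; names, URLs and hashes are illustrative only.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/lodash": { version: "4.17.21",
      resolved: "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
      integrity: "sha512-CONSTRUCTED" },
    "node_modules/@company/utils": { version: "99.0.0",
      resolved: "https://registry.npmjs.org/@company/utils/-/utils-99.0.0.tgz",
      integrity: "sha512-CONSTRUCTED" },
    "node_modules/example-pkg": { version: "1.0.0",
      resolved: "https://tarballs.example/example-pkg-1.0.0.tgz",
      integrity: "sha1-CONSTRUCTED", hasInstallScript: true },
  },
};

console.table(auditLockfile(sampleLock));
```

Run against the sample, it reports the internal-scoped package resolved from the public registry and three issues on example-pkg, while the clean lodash entry passes.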

Defense in depth strategy

  • Regular auditing: npm audit, pip-audit, composer audit in your CI/CD
  • Strict lockfiles: committed and verified
  • Controlled updates: Dependabot or Renovate with manual review
  • Private package scoping: namespaces and registries configured correctly
  • SCA (Software Composition Analysis): tools like Snyk, Socket, or Semgrep Supply Chain
  • SBOM: maintain an inventory of your dependencies to react quickly when a CVE is published

At CleanIssue, we analyze the dependency tree of your applications during our audits. Request your audit call to evaluate your supply chain attack exposure.

Written by Florian
Reviewed on 2026-04-13

Editorial analysis based on official vendor, project, and regulator documentation.
