The custodians of the nx build system have notified users regarding a supply chain breach that enabled perpetrators to release harmful iterations of the widely used npm package and additional supplementary plugins equipped with data-collecting functionalities.
“Compromised versions of the nx package, along with certain auxiliary plugin packages, were released to npm, incorporating code that probes the file system and gathers credentials,