UNC6426 Exploits npm Supply Chain Attack to Compromise AWS Environment in 72 Hours A threat group identified as UNC6426 achieved full compromise of an organization’s AWS environment within 72 hours by leveraging credentials stolen during the August npm supply chain attack targeting Nx, an open-source codebase management platform. The findings, detailed in Google’s Cloud Threat Horizons Report for H1 2026, highlight a rapid and multi-stage intrusion. After exfiltrating keys in the initial attack, UNC6426 accessed the victim’s GitHub repository, enumerated the environment, and exploited the CI/CD pipeline to obtain AWS API keys. Using these credentials, the group generated temporary AWS Security Token Service (STS) tokens to infiltrate the AWS environment, where they: - Enumerated and accessed S3 bucket objects - Terminated production EC2 and RDS instances - Decrypted application keys - Renamed and made public the organization’s GitHub repositories The attack underscores the risks of supply chain compromises and the need for enhanced security controls, including package managers that restrict postinstall scripts, sandboxing tools, and monitoring for suspicious IAM activity. The incident also highlights vulnerabilities tied to shadow AI deployments.

Sophisticated Supply-Chain Attack Grants UNC6426 Full AWS Control in Under 72 Hours In August 2025, cybersecurity firm Mandiant uncovered a high-impact attack by the threat group UNC6426, which exploited a compromised NPM package to infiltrate and seize full control of a client’s AWS cloud environment in less than three days. The breach underscored the escalating risks of supply-chain attacks and misconfigured CI/CD pipelines, particularly those integrated with cloud identity management systems like OpenID Connect (OIDC). ### Attack Breakdown The intrusion followed a multi-phase approach, beginning with a supply-chain compromise and culminating in full AWS administrative access: 1. Phase 1: Supply-Chain Infection On August 24, 2025, attackers injected malicious code (QUIETVAULT) into the Nx NPM package, a widely used JavaScript framework. The malware executed a postinstall script, stealing environment variables, system data, and GitHub Personal Access Tokens (PATs) upon installation or update. 2. Phase 2: Initial Compromise via Corporate Endpoint A developer unknowingly triggered the malware by running an Nx Console update, which exfiltrated their GitHub PAT to a public repository. The attackers then used the token to access the victim’s GitHub environment, while the malware employed a Large Language Model (LLM) for system enumeration. 3. Phase 3: Pivot to AWS via OIDC Exploitation Two days later, UNC6426 deployed NORDSTREAM, a tool designed to extract secrets from CI/CD pipelines. It uncovered a GitHub service account with an OIDC trust relationship to AWS, allowing the attackers to generate temporary AWS Security Token Service (STS) tokens and gain initial cloud access. 4. Phase 4: Privilege Escalation via CloudFormation Leveraging a GitHub Actions CloudFormation role, the attackers deployed a new AWS Stack with overly permissive IAM policies, including the AdministratorAccess permission. This granted them full administrative control over the AWS environment. 5. Phase 5: Data Exfiltration & Destruction With unrestricted access, UNC6426 enumerated S3 buckets, terminated EC2 and RDS instances, decrypted application keys, and exfiltrated intellectual property by making internal GitHub repositories public. The victim detected the breach three days after the initial compromise and contained the incident, though significant damage had already occurred. ### Key Takeaways The attack highlights critical vulnerabilities in CI/CD security, particularly the risks of overly permissive OIDC trust relationships and unsecured supply-chain dependencies. While the victim mitigated the breach, the incident demonstrates how automated pipelines designed for efficiency can become high-value attack vectors when misconfigured or exploited.