NXP Semiconductors A.I CyberSecurity Scoring
NXP Semiconductors
Company Information
Website:http://www.nxp.com
Employees number:22,465
Number of followers:908,361
NAICS:3344
Industry Type:Semiconductor Manufacturing
Homepage:nxp.com
NXP Semiconductors Risk Score (AI oriented)
Between 750 and 799
NXP SemiconductorsSemiconductor Manufacturing
Updated:
19/05/2026
19/05/2026
757/1000
Fair
Baa
NXP Semiconductors Global Score (TPRM)
xxxx
NXP SemiconductorsSemiconductor Manufacturing
Score locked
NXP SemiconductorsFair
Current Score
757Baa (FAIR)
01000
3 incidents
-34.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
758
JUNE 2026
761
MAY 2026
770
Cyber Attack
18 May 2026 • NXP Semiconductors
GitHub, npm, Microsoft and Nx: Nx Console VS Code Extension Compromised to Steal Developer and Cloud Secrets
Nx Console VS Code Extension Compromised in Sophisticated Supply Chain Attack
757
CRITICAL-13
NPMGITNXPMIC1779193496
Nx Console VS Code Extension Compromised in Sophisticated Supply Chain Attack
In May 2026, attackers hijacked the widely used Nx Console Visual Studio Code extension, turning it into a credential-stealing tool that exposed millions of developers. The malicious version (18.95.0) of the extension installed over 2.2 million times was published to the official VS Code Marketplace on May 18 using stolen credentials.
The attack unfolded in stages, beginning with an earlier breach that compromised a contributor’s GitHub personal access token. At 03:18 UTC, the attacker pushed an orphan commit to the nrwl/nx repository, replacing its contents with just two files: a package.json and an obfuscated index.js payload. By 12:36 UTC, the malicious extension was live, injecting a 2,777-byte backdoor into its main.js file. The payload activated the moment a developer opened any workspace.
Within 11 minutes, the Nx team detected and removed the compromised version, but the damage was already done. The malware targeted a broad range of credentials, including tokens from GitHub, npm, AWS, HashiCorp Vault, Kubernetes, and 1Password, as well as Claude AI coding assistant configurations one of the first known supply chain attacks to exploit AI tooling. Stolen data was exfiltrated via HTTPS, GitHub API abuse, and DNS tunneling, ensuring redundancy if one channel was blocked.
On macOS, the payload installed a persistent Python backdoor (~/.local/share/kitty/cat.py) that checked in hourly for new commands, signed with a 4096-bit RSA key. The malware also employed anti-analysis techniques, avoiding execution on machines with fewer than four CPU cores or those in Russian/CIS time zones to evade detection.
The attack leveraged Sigstore integration, allowing the attacker to forge cryptographically signed npm packages using stolen OIDC tokens, making malicious packages appear legitimate. Security firm StepSecurity confirmed this was the second supply chain incident targeting the Nx ecosystem in a year.
Developers who installed version 18.95.0 and opened a workspace between 12:36 and 12:47 UTC on May 18 should assume all credentials on the affected machine were compromised. The Nx team released a patched version (18.100.0) and provided indicators of compromise (IoCs) for detection, including file hashes, Git commit SHAs, and exfiltration endpoints.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
759
Vulnerability
07 Apr 2026 • NXP Semiconductors
Thales, STMicroelectronics and NXP: Critical Android “Zero-Interaction” Vulnerability Enables DoS Attacks
Google Patches Critical Zero-Interaction Android Vulnerability in April 2026 Security Update
763
LOW-4
NXPTHASTM1775572928
Google Patches Critical Zero-Interaction Android Vulnerability in April 2026 Security Update
Google’s April 2026 Android Security Bulletin addresses multiple high-risk vulnerabilities, including a critical zero-interaction flaw in the Android Framework. The most severe issue, CVE-2026-0049, allows attackers to execute a local denial-of-service (DoS) attack without user interaction or elevated privileges, potentially rendering affected devices unresponsive. The vulnerability impacts Android versions 14, 15, 16, and 16-qpr2, with patches released via the 2026-04-01 security patch level.
Additionally, the update resolves CVE-2025-48651, a high-severity flaw in the StrongBox hardware-backed key storage system, affecting implementations from Google, NXP, STMicroelectronics, and Thales. This vulnerability compromises the security of cryptographic keys, necessitating the 2026-04-05 patch level for full protection.
Google has provided device manufacturers with advance notice to facilitate timely updates. Users can verify protection by checking their device’s security patch level, with 2026-04-05 or later ensuring full mitigation. The Android Open Source Project (AOSP) will receive source code patches within 48 hours of the bulletin’s release.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
766
FEBRUARY 2026
813
Breach
12 Feb 2026 • NXP Semiconductors
Odido: Stolen Odido data worth “gold” for criminals
Massive Data Breach at Dutch Telecom Provider Odido Exposes 6.2 Million Accounts
757
CRITICAL-56
ODI1771093701
Massive Data Breach at Dutch Telecom Provider Odido Exposes 6.2 Million Accounts
Dutch telecom provider Odido has reported one of the largest data breaches in the Netherlands, with sensitive information from 6.2 million customer accounts compromised. The company began notifying affected users on Thursday at 12 p.m., though the exact number of impacted individuals remains unclear as the investigation continues.
The stolen data varies by account but may include full names, addresses, phone numbers, email addresses, IBAN bank account numbers, dates of birth, and passport or driver’s license numbers a combination cybersecurity experts describe as unusually valuable for criminals. Notably, passwords, call logs, location data, billing details, and ID document scans were not accessed.
Ethical hacker Sijmen Ruwhof warned that the breach poses severe risks, including highly convincing phishing attacks where criminals use real customer details to impersonate legitimate companies. Fraudsters could also exploit the data to bypass authentication checks, taking out contracts or committing financial fraud in victims’ names. Matthijs Koot, another security expert, highlighted the risk of helpdesk fraud, bank scams, and targeted espionage, noting that hostile intelligence services could use the data to track politicians, government employees, or critical infrastructure workers.
The breach also raises concerns about stalking, doxxing, and organized crime, as criminals including drug offenders could use the data to identify individuals using regular phone subscriptions. Ruwhof criticized Odido’s security measures, stating that the scale of the leak suggests a failure in cybersecurity controls at the time of the incident. While the company has not disclosed whether hackers made ransom demands, experts warn the data could be sold or used for extortion.
Odido CEO Tisha van Lammeren emphasized that notifications were delayed to avoid misinformation but did not comment on the adequacy of the company’s security. She acknowledged the sophistication of cybercriminals while reiterating that customer safety remains the top priority. The full impact of the breach is still under assessment.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
817
DECEMBER 2025
817
NOVEMBER 2025
817
OCTOBER 2025
817
SEPTEMBER 2025
817
AUGUST 2025
817
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for NXP Semiconductors ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in June 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in May 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in April 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in March 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in February 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in January 2026 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in December 2025 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in November 2025 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in October 2025 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in September 2025 ??
What was NXP Semiconductors's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on NXP Semiconductors's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with NXP Semiconductors ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view NXP Semiconductors's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?