npm - supply-chain-attack - Versions diffs - 0.1.1 → 0.1.7 - Mend

supply-chain-attack 0.1.1 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/LICENSE +1 -1
package/README.md +101 -6
package/RESEARCH.md +35 -0
package/bin/supply-chain-attack.js +1 -4
package/lib/advisories.js +450 -0
package/lib/cli.js +601 -0
package/lib/live-osv.js +151 -0
package/lib/parsers.js +348 -0
package/lib/scanner.js +808 -0
package/package.json +15 -13

package/LICENSE CHANGED Viewed

@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2026 amifcked contributors
+Copyright (c) 2026 supply-chain-attack contributors
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md CHANGED Viewed

@@ -1,17 +1,112 @@
 # supply-chain-attack
-Professional CLI wrapper around `amifcked` for scanning local package-manager state for known supply-chain attack indicators.
+Scan this machine for packages and binaries tied to known supply-chain attacks, malware campaigns, and AI security incidents.
 ```sh
 npx supply-chain-attack
 ```
-This package uses the same scanner and advisory snapshot as `amifcked`, but prints professional output suitable for teams, CI logs, and security reports.
+`supply-chain-attack` scans local package-manager state wherever you run it: global installs, temporary `npx` installs, npm/pnpm/Yarn/Bun caches or stores, and Python user/pipx environments when present. Scoped packages are included.
-## Options
+A cache/store hit means the package was fetched or stored on this machine. A global or `npx` hit is stronger evidence that package code may have been installed or executed.
+## Usage
+```sh
+npx supply-chain-attack
+```
+The CLI prints a compact verdict and exits non-zero when it finds a risky package or suspicious IOC.
+Interactive terminals also get a small one-line menu:
+```txt
+options  l learn  a actions  q quit  ›
+```
+The loader and menu are disabled for JSON output, non-interactive terminals, and CI.
+## Example
+```txt
+Verdict: Potential supply-chain exposure detected — 1 package hit
+Matched packages
+- npm @rspack/cli@1.1.7 (npm cache _npx)
+scan 6 store(s), 1842 package/version pair(s), snapshot 2026-05-12
+```
+## What It Checks
+The embedded offline snapshot is dated `2026-05-12` and covers `438` package/version artifacts.
+Local sources include:
+- npm global packages, cache records, and `_npx` installs
+- pnpm global packages and content-addressed store manifests
+- Yarn and Bun global/cache entries
+- Python user site-packages and pipx virtual environments
+Advisory coverage includes Mini Shai-Hulud/TanStack, Mistral, UiPath, Squawk, OpenSearch, Lightning, Guardrails AI, SAP CAP, Intercom, Namastex.ai, CanisterWorm, CanisterSprawl, Axios, `plain-crypto-js`, Rspack, and Nx `s1ngularity`.
+It also checks common home-directory locations for suspicious files such as `router_runtime.js` and `setup.mjs` when contents match known credential-exfiltration or persistence markers.
+## Exit Codes
+- `0`: no findings
+- `1`: findings detected
+- `2`: usage or runtime error
+## Privacy
+`supply-chain-attack` uses its embedded advisory snapshot and does not send discovered package names or versions to a remote service. Set `NO_COLOR=1` for plain text output.
+## If You Get a Hit
+Treat the machine as potentially exposed:
+1. Remove affected global or `npx` installs.
+2. Clear relevant package-manager cache/store entries.
+3. Inspect projects that may have installed the package.
+4. Rotate exposed tokens and credentials.
+5. Check for unexpected persistence files or workflow changes.
+Use menu option `l` for attack-chain context and option `a` for a cleanup prompt you can paste into a coding/security agent.
+## Limitations
+This is a detection tool, not a full incident-response platform.
+- Cache/store hits show package presence, not project usage.
+- The advisory snapshot is curated and dated.
+- A clean result does not prove the machine is free of malicious packages.
+- Some package-manager stores may not expose package names and versions.
+## Development
+```sh
+npm test
+npm run check
+node bin/supply-chain-attack.js
+npm exec --package=. -- supply-chain-attack
+```
+## Publishing
 ```sh
-supply-chain-attack --json
-supply-chain-attack --list-advisories
-supply-chain-attack --no-interactive
+npm test
+npm run check
+npm pack --dry-run
+npm publish
 ```
+The package has no runtime npm dependencies and requires Node.js `18` or newer.
+## Research
+The research trail and source URLs are in [`RESEARCH.md`](./RESEARCH.md).
+## License
+MIT

package/RESEARCH.md ADDED Viewed

@@ -0,0 +1,35 @@
+# Research Notes
+Snapshot date: 2026-05-12.
+The scanner data is intentionally split into:
+- An embedded offline snapshot in `lib/advisories.js`.
+## Sources Used
+- Socket Mini Shai-Hulud campaign page: https://socket.dev/supply-chain-attacks/mini-shai-hulud
+- GitHub TanStack advisory `GHSA-g7cv-rxg3-hmpx`: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
+- TanStack postmortem: https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
+- Snyk TanStack compromise tracker: https://security.snyk.io/TanStack-npm-Supply-Chain-Compromise-May-2026
+- Aikido Mini Shai-Hulud/TanStack mirror: https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromised
+- Socket CanisterWorm campaign page: https://socket.dev/supply-chain-attacks/canisterworm
+- Socket CanisterSprawl campaign page: https://socket.dev/supply-chain-attacks/canistersprawl
+- Socket Axios compromise report: https://socket.dev/blog/axios-npm-package-compromised
+- Socket Rspack compromise report: https://socket.dev/blog/rspack-npm-packages-compromised
+- Socket Nx compromise report: https://socket.dev/blog/nx-packages-compromised
+- OSV live API: https://api.osv.dev
+The requested X URL, `https://x.com/SocketSecurity/status/2053950165665386546`, was attempted directly but was not retrievable through the available web tooling. The TanStack/Mini Shai-Hulud package data from that discussion was cross-checked against the official Socket campaign page, the GitHub advisory, and public incident trackers above.
+## Current Embedded Coverage
+The embedded snapshot currently covers 438 package/version artifacts across npm, PyPI, and Packagist. It includes the May 2026 TanStack/Mini Shai-Hulud wave and related AI/developer-tool package incidents such as Mistral, UiPath, Squawk, OpenSearch, Lightning, Guardrails AI, Namastex/CanisterWorm, CanisterSprawl AI brand-squats, Axios/plain-crypto-js, Rspack, and Nx.
+Use:
+```sh
+node bin/supply-chain-attack.js --list-advisories
+```
+to see the exact artifact count and source URLs embedded in the package.

package/bin/supply-chain-attack.js CHANGED Viewed

@@ -1,10 +1,7 @@
 #!/usr/bin/env node
 'use strict';
-process.env.AMIFCKED_OUTPUT_STYLE = 'professional';
-process.env.AMIFCKED_COMMAND_NAME = 'supply-chain-attack';
-const { main } = require('amifcked/lib/cli');
+const { main } = require('../lib/cli');
 main(process.argv.slice(2)).catch((error) => {
   console.error(`supply-chain-attack: ${error && error.message ? error.message : error}`);

package/lib/advisories.js ADDED Viewed

@@ -0,0 +1,450 @@
+'use strict';
+const SNAPSHOT_DATE = '2026-05-12';
+function pkg(name, versions, extra = {}) {
+  return {
+    name,
+    versions: Array.isArray(versions) ? versions : [versions],
+    ...extra,
+  };
+}
+const tanstackPackages = [
+  pkg('@tanstack/angular-form', ['1.20.0', '1.21.0']),
+  pkg('@tanstack/angular-query-experimental', ['5.90.13', '5.91.0']),
+  pkg('@tanstack/angular-router-plugin', ['1.166.8', '1.167.1']),
+  pkg('@tanstack/angular-router', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/form-core', ['1.20.0', '1.21.0']),
+  pkg('@tanstack/history', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/query-async-storage-persister', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/query-broadcast-client-experimental', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/query-core', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/query-db-collection', ['0.3.6', '0.3.7']),
+  pkg('@tanstack/query-devtools', ['5.91.1', '5.91.3']),
+  pkg('@tanstack/query-persist-client-core', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/query-sync-storage-persister', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/react-db', ['0.3.6', '0.3.7']),
+  pkg('@tanstack/react-devtools', ['0.7.3', '0.7.5']),
+  pkg('@tanstack/react-devtools-event-bus', ['0.3.1', '0.3.3']),
+  pkg('@tanstack/react-form', ['1.20.0', '1.21.0']),
+  pkg('@tanstack/react-query-devtools', ['5.90.2', '5.91.0']),
+  pkg('@tanstack/react-query-next-experimental', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/react-query', ['5.90.12', '5.90.14']),
+  pkg('@tanstack/react-router-devtools', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-router-ssr-query', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-router-with-query', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-router', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start-client', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start-config', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start-plugin', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start-router-manifest', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start-server', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/react-start', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/router-core', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/router-devtools-core', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/router-generator', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/router-plugin', ['1.166.6', '1.167.1']),
+  pkg('@tanstack/router-ssr-query-core', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/router-utils', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/server-functions-plugin', ['1.166.4', '1.167.0']),
+  pkg('@tanstack/solid-form', ['1.20.0', '1.21.0']),
+  pkg('@tanstack/solid-query-devtools', ['5.91.2', '5.91.4']),
+  pkg('@tanstack/solid-query', ['5.90.13', '5.91.0']),
+  pkg('@tanstack/store', ['0.8.0', '0.8.2']),
+  pkg('@tanstack/vue-query-devtools', ['5.90.2', '5.91.0']),
+];
+const uipathPackages = [
+  pkg('@uipath/orchestrator', '4.20.34'),
+  pkg('@uipath/studio-sdk', '1.0.16'),
+  pkg('@uipath/apollo-core', '5.9.2'),
+  pkg('@uipath/uipathclicore', ['2.24.4', '2.25.4']),
+  pkg('@uipath/uipathcli', ['2.24.4', '2.25.4'], { binaries: ['uipath'] }),
+  pkg('@uipath/pipelines-cli', ['21.10.6', '21.11.5', '22.4.4', '22.10.4', '23.4.6', '23.10.6', '24.4.6', '24.10.6', '25.4.5', '25.10.1']),
+  pkg('@uipath/node-executor', '2.0.1'),
+  pkg('@uipath/node-logging', '2.0.1'),
+  pkg('@uipath/vertex-sdk-js', '0.2.2'),
+  pkg('@uipath/dotnet-extension', ['3.1.1', '3.2.1', '3.3.1', '3.4.2', '3.5.1']),
+  pkg('@uipath/agent-utils', '1.0.1'),
+  pkg('@uipath/agent-tool', '1.0.1'),
+  pkg('@uipath/maestro-mcp', '0.1.1'),
+  pkg('@uipath/autopilot-sdk', '0.1.1'),
+  pkg('@uipath/uipath-typescript-helpers', '0.7.1'),
+  pkg('@uipath/script-context', '0.1.1'),
+  pkg('@uipath/marketplace-sdk-client', '1.0.1'),
+  pkg('@uipath/integrationservice-tool', '1.0.2'),
+  pkg('@uipath/uipath-pack', ['0.0.7', '0.0.8', '0.0.9', '0.0.10']),
+  pkg('@uipath/uipath-string', ['1.0.5', '1.0.6', '1.0.7', '1.0.8', '1.0.9']),
+  pkg('@uipath/flow-tool', '1.0.2'),
+  pkg('@uipath/pipelines', ['24.12.3', '25.4.1', '25.10.1']),
+  pkg('@uipath/teams', '0.0.9'),
+  pkg('@uipath/log-message', '1.0.8'),
+  pkg('@uipath/system', '2.1.1'),
+  pkg('@uipath/webservices', '2.0.1'),
+  pkg('@uipath/calls', '1.0.2'),
+  pkg('@uipath/maestro-tool', '1.0.1'),
+  pkg('@uipath/excel', '1.1.7'),
+  pkg('@uipath/docsai-tool', '1.0.1'),
+  pkg('@uipath/context-grounding-tool', '0.1.1'),
+  pkg('@uipath/packager-tool-functions', '0.1.1'),
+  pkg('@uipath/http-request', '1.0.5'),
+  pkg('@uipath/ui-automation', '1.0.1'),
+  pkg('@uipath/mail', '1.0.6'),
+  pkg('@uipath/file', '1.2.1'),
+  pkg('@uipath/microsoft', '2.1.9'),
+  pkg('@uipath/word', '2.0.9'),
+  pkg('@uipath/word-data-models', '2.0.10'),
+  pkg('@uipath/odata', '0.0.1'),
+  pkg('@uipath/outlook', '2.1.12'),
+  pkg('@uipath/cloud-drive', '1.0.12'),
+  pkg('@uipath/agent', '1.5.15'),
+  pkg('@uipath/agent-intermediate-schema', '1.5.10'),
+  pkg('@uipath/agent-builder-types', '1.0.15'),
+  pkg('@uipath/apps-editor-components', '1.2.102'),
+];
+const squawkPackages = [
+  pkg('@squawk/fix-data', ['0.6.7', '0.6.8']),
+  pkg('@squawk/weather', ['0.5.9', '0.5.10']),
+  pkg('@squawk/icao-registry-data', ['0.8.7', '0.8.8']),
+  pkg('@squawk/airport-data', ['0.7.7', '0.7.8']),
+  pkg('@squawk/flightplan', ['0.5.5', '0.5.6']),
+  pkg('@squawk/units', ['0.4.6', '0.4.7']),
+  pkg('@squawk/flight-math', ['0.5.7', '0.5.8']),
+  pkg('@squawk/mcp', ['0.9.4', '0.9.5'], { binaries: ['squawk-mcp'] }),
+  pkg('@squawk/fixes', ['0.3.5', '0.3.6']),
+  pkg('@squawk/airspace-data', ['0.5.6', '0.5.7']),
+  pkg('@squawk/procedure-data', ['0.7.6', '0.7.7']),
+  pkg('@squawk/navaids', ['0.4.5', '0.4.6']),
+  pkg('@squawk/procedures', ['0.5.5', '0.5.6']),
+  pkg('@squawk/notams', ['0.3.9', '0.3.10']),
+  pkg('@squawk/airways', ['0.4.5', '0.4.6']),
+  pkg('@squawk/airports', ['0.6.5', '0.6.6']),
+  pkg('@squawk/types', ['0.8.4', '0.8.5']),
+  pkg('@squawk/icao-registry', ['0.5.5', '0.5.6']),
+  pkg('@squawk/airspace', ['0.8.4', '0.8.5']),
+  pkg('@squawk/geo', ['0.4.7', '0.4.8']),
+  pkg('@squawk/navaid-data', ['0.6.7', '0.6.8']),
+  pkg('@squawk/airway-data', ['0.5.7', '0.5.8']),
+];
+const miniExpansionPackages = [
+  pkg('@dqbd/tiktoken', '1.0.23'),
+  pkg('mixme', '0.5.13'),
+  pkg('handlebars', '4.7.9'),
+  pkg('@gongallin/vue-i18n-bundler', '1.0.3'),
+  pkg('@grafana/demodata-datasource', ['2.2.0', '2.2.1']),
+  pkg('react-devtools-core', ['7.0.0', '7.0.1']),
+  pkg('@vscode/test-electron', ['2.6.0', '2.6.1']),
+  pkg('storybook', ['10.1.0-alpha.2', '10.1.0-alpha.3'], { binaries: ['storybook'] }),
+  pkg('@k-nut/link-header-parser', '1.1.5'),
+  pkg('auth0', '6.9.0'),
+  pkg('zod-to-json-schema', ['3.25.1', '3.25.2', '3.25.3', '3.25.4', '3.25.5']),
+  pkg('mini-html-webpack-plugin', '3.3.1'),
+  pkg('lightningcss-darwin-arm64', '1.30.2'),
+  pkg('@unrs/resolver-binding-android-arm-eabi', '1.11.2'),
+  pkg('@unrs/resolver-binding-android-arm64', '1.11.2'),
+  pkg('@unrs/resolver-binding-darwin-arm64', '1.11.2'),
+  pkg('@unrs/resolver-binding-darwin-x64', '1.11.2'),
+  pkg('@unrs/resolver-binding-freebsd-x64', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-arm-gnueabihf', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-arm-musleabihf', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-arm64-gnu', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-arm64-musl', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-ppc64-gnu', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-riscv64-gnu', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-riscv64-musl', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-s390x-gnu', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-x64-gnu', '1.11.2'),
+  pkg('@unrs/resolver-binding-linux-x64-musl', '1.11.2'),
+  pkg('@unrs/resolver-binding-wasm32-wasi', '1.11.2'),
+  pkg('@unrs/resolver-binding-win32-arm64-msvc', '1.11.2'),
+  pkg('@unrs/resolver-binding-win32-ia32-msvc', '1.11.2'),
+  pkg('@unrs/resolver-binding-win32-x64-msvc', '1.11.2'),
+];
+const operatoPackages = [
+  'input',
+  'graphql',
+  'utils',
+  'graphql-ws',
+  'shell',
+  'layout',
+  'popup',
+  'styles',
+  'resize',
+  'help',
+  'icon',
+  'i18n',
+  'pull-to-refresh',
+  'stomp',
+  'markdown',
+  'chart',
+  'form',
+  'calendar',
+  'sortable',
+  'user-device',
+  'snack-bar',
+  'blockquote',
+  'carousel',
+  'timeline',
+  'context',
+  'command',
+  'numeric-stepper',
+  'color-picker',
+  'element',
+  'search',
+  'progress',
+  'headroom',
+  'selection',
+  'graphql-observable',
+  'graphql-client',
+  'graphql-subscription',
+  'data-grist',
+  'data-table',
+  'context-menu',
+  'date-picker',
+  'dropdown',
+  'checkbox',
+  'radio',
+  'button',
+  'input-mask',
+  'rich-text',
+  'datetime',
+  'tooltip',
+  'switch',
+  'select',
+  'tabs',
+  'accordion',
+  'breadcrumb',
+  'chip',
+  'dialog',
+  'menu',
+  'pagination',
+  'splitter',
+  'tree',
+  'avatar',
+  'notify',
+  'scrollbar',
+  'field',
+  'hierarchy',
+  'list',
+  'overlay',
+  'overlay-stack',
+  'popover',
+  'ripple',
+  'scroller',
+  'table',
+  'virtual-list',
+  'input-base',
+  'field-base',
+  'base',
+  'layout-base',
+  'style-base',
+].map((name) => pkg(`@operato/${name}`, '9.0.36')).concat([
+  pkg('@operato/scene', '3.1.18'),
+]);
+const wonderlicPackages = [
+  pkg('@wonderlic/auth', '6.6.7'),
+  pkg('@wonderlic/surveys', '7.2.7'),
+  pkg('@wonderlic/validation', '2.0.15'),
+  pkg('@wonderlic/core', '3.3.3'),
+  pkg('@wonderlic/test-taker-api', '1.5.7'),
+  pkg('@wonderlic/preset-auth', '4.2.7'),
+  pkg('@wonderlic/tds', '3.3.7'),
+  pkg('@wonderlic/wonscore', '7.1.7'),
+  pkg('@wonderlic/reporting', '2.14.7'),
+  pkg('@wonderlic/select', '4.1.8'),
+  pkg('@wonderlic/validation-fns', '1.0.42'),
+];
+const advisories = [
+  {
+    id: 'GHSA-g7cv-rxg3-hmpx',
+    title: 'TanStack npm packages compromised in Mini Shai-Hulud',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2026-05-11',
+    source: 'https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx',
+    summary: 'A compromised npm token published malicious versions of 42 TanStack packages containing credential exfiltration behavior.',
+    packages: tanstackPackages,
+  },
+  {
+    id: 'SOCKET-mini-shai-hulud-2026-04',
+    title: 'Mini Shai-Hulud campaign affecting SAP CAP, Intercom, Lightning, Mistral and related packages',
+    severity: 'critical',
+    ecosystem: 'mixed',
+    type: 'supply-chain',
+    published: '2026-04-29',
+    source: 'https://socket.dev/supply-chain-attacks/mini-shai-hulud',
+    summary: 'Socket tracked Mini Shai-Hulud packages that exfiltrate secrets and attempt persistence through developer tooling files.',
+    packages: [
+      pkg('@cap-js/cds-types', '0.15.0'),
+      pkg('@cap-js/cds-typer', '0.35.0', { binaries: ['cds-typer'] }),
+      pkg('@cap-js/db-service', '2.4.1'),
+      pkg('@cap-js/cds-odata-v2-adapter-proxy', '1.14.1'),
+      pkg('mbt', '1.2.34', { binaries: ['mbt'] }),
+      pkg('intercom-client', '7.0.4'),
+      pkg('lightning', ['2.6.2', '2.6.3'], { ecosystem: 'pypi', binaries: ['lightning'] }),
+      pkg('mistralai', '2.4.6', { ecosystem: 'pypi' }),
+      pkg('guardrails-ai', '0.10.1', { ecosystem: 'pypi', binaries: ['guardrails'] }),
+      pkg('yidas/codeception-pageobjects', '2.0.5', { ecosystem: 'packagist' }),
+    ],
+  },
+  {
+    id: 'SOCKET-mini-shai-hulud-expansion-2026-05',
+    title: 'Mini Shai-Hulud expansion into AI/devtool ecosystem packages',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2026-05-12',
+    source: 'https://socket.dev/supply-chain-attacks/mini-shai-hulud',
+    summary: 'Socket and Snyk reporting showed the Mini Shai-Hulud wave expanding into Mistral, UiPath, Squawk, OpenSearch and related packages.',
+    packages: [
+      pkg('@mistralai/mistralai', ['2.2.2', '2.2.3', '2.2.4']),
+      pkg('@mistralai/mistralai-azure', ['1.7.1', '1.7.2', '1.7.3']),
+      pkg('@mistralai/mistralai-gcp', ['1.7.1', '1.7.2', '1.7.3']),
+      pkg('@opensearch-project/opensearch', ['3.5.3', '3.6.2', '3.7.0', '3.8.0']),
+      pkg('cross-stitch', ['1.1.3', '1.1.4', '1.1.5', '1.1.6', '1.1.7']),
+      pkg('ts-dna', ['3.0.4', '3.0.5']),
+      ...miniExpansionPackages,
+      ...operatoPackages,
+      ...wonderlicPackages,
+      ...uipathPackages,
+      ...squawkPackages,
+    ],
+  },
+  {
+    id: 'GHSA-fw8c-xr5c-95f9',
+    title: 'Axios maintainer account compromise pulled malicious plain-crypto-js dependency',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2026-03-31',
+    source: 'https://socket.dev/blog/axios-npm-package-compromised',
+    summary: 'Two malicious axios versions injected a trojanized plain-crypto-js dependency that ran during postinstall.',
+    packages: [
+      pkg('axios', ['0.30.4', '1.14.1']),
+      pkg('plain-crypto-js', ['4.2.0', '4.2.1']),
+      pkg('@shadanai/openclaw', ['2026.3.28-2', '2026.3.28-3', '2026.3.31-1', '2026.3.31-2']),
+      pkg('@qqbrowser/openclaw-qbot', '0.0.130'),
+    ],
+  },
+  {
+    id: 'SOCKET-namastex-canisterworm-2026-04',
+    title: 'Namastex.ai packages compromised by CanisterWorm',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'ai-supply-chain',
+    published: '2026-04-21',
+    source: 'https://socket.dev/supply-chain-attacks/canisterworm',
+    summary: 'AI and developer tooling packages were compromised with credential theft and worm behavior.',
+    packages: [
+      pkg('@automagik/genie', ['4.260421.33', '4.260421.34', '4.260421.35', '4.260421.36', '4.260421.37', '4.260421.38', '4.260421.39'], { binaries: ['genie', 'automagik'] }),
+      pkg('pgserve', ['1.1.11', '1.1.12', '1.1.13'], { binaries: ['pgserve'] }),
+      pkg('3d-heatmap', '1.0.10'),
+      pkg('storage-indexeddb', '5.6.2'),
+      pkg('gitlens-sdk', '1.2.6'),
+      pkg('block-edit', '1.0.1'),
+      pkg('code-snippet-manager', '1.0.2'),
+    ],
+  },
+  {
+    id: 'SOCKET-canistersprawl-2026-05',
+    title: 'CanisterSprawl Brand-Squat Packages',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2026-05-08',
+    source: 'https://socket.dev/supply-chain-attacks/canistersprawl',
+    summary: 'Socket tracked brand-squatted npm packages imitating OpenAI, Anthropic, Meta, Vercel, and developer tooling brands.',
+    packages: [
+      pkg('@azure-ai/openai', '1.0.0'),
+      pkg('@openai/agents', '1.0.0'),
+      pkg('@anthropic-ai/claude-code', '1.0.0', { binaries: ['claude-code'] }),
+      pkg('@anthropic/claude-code', '1.0.0', { binaries: ['claude-code'] }),
+      pkg('@meta/llama', '1.0.0'),
+      pkg('@vercel/ai-sdk', '1.0.0'),
+      pkg('@supabase/mcp-server', '1.0.0', { binaries: ['supabase-mcp-server'] }),
+      pkg('@llamaindex/core', '1.0.0'),
+      pkg('@langchain/core', '1.0.0'),
+      pkg('@modelcontextprotocol/sdk-server', '1.0.0'),
+      pkg('@mastra/core', '1.0.0'),
+      pkg('@inngest/agent-kit', '1.0.0'),
+      pkg('@browserbasehq/stagehand', '1.0.0'),
+      pkg('@nomic-ai/nomic', '1.0.0'),
+      pkg('@together-ai/sdk', '1.0.0'),
+      pkg('@cohere-ai/sdk', '1.0.0'),
+      pkg('@mistralai/sdk', '1.0.0'),
+      pkg('@perplexity-ai/sdk', '1.0.0'),
+      pkg('@replicate/sdk', '1.0.0'),
+      pkg('@fireworks-ai/sdk', '1.0.0'),
+      pkg('@groq/sdk', '1.0.0'),
+      pkg('@deepseek-ai/sdk', '1.0.0'),
+    ],
+  },
+  {
+    id: 'SOCKET-rspack-2025-12',
+    title: 'Rspack npm packages compromised',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2025-12-19',
+    source: 'https://socket.dev/blog/rspack-npm-packages-compromised',
+    summary: 'Malicious Rspack releases contained postinstall malware targeting developer machines and CI environments.',
+    packages: [
+      pkg('@rspack/core', '1.1.7'),
+      pkg('@rspack/cli', '1.1.7', { binaries: ['rspack'] }),
+    ],
+  },
+  {
+    id: 'SOCKET-nx-2025-08',
+    title: 'Nx s1ngularity supply-chain compromise',
+    severity: 'critical',
+    ecosystem: 'npm',
+    type: 'supply-chain',
+    published: '2025-08-27',
+    source: 'https://socket.dev/blog/nx-packages-compromised',
+    summary: 'Malicious Nx versions attempted credential theft from developer environments.',
+    packages: [
+      pkg('nx', ['20.9.0', '20.10.0', '20.11.0', '20.12.0', '21.5.0', '21.6.0', '21.7.0', '21.8.0'], { binaries: ['nx'] }),
+      pkg('@nx/devkit', ['20.9.0', '20.10.0', '20.11.0', '20.12.0', '21.5.0', '21.6.0', '21.7.0', '21.8.0']),
+      pkg('@nx/js', ['20.9.0', '20.10.0', '20.11.0', '20.12.0', '21.5.0', '21.6.0', '21.7.0', '21.8.0']),
+      pkg('@nx/workspace', ['20.9.0', '20.10.0', '20.11.0', '20.12.0', '21.5.0', '21.6.0', '21.7.0', '21.8.0']),
+    ],
+  },
+];
+function flattenAdvisories() {
+  const rows = [];
+  for (const advisory of advisories) {
+    for (const packageRecord of advisory.packages) {
+      const ecosystem = packageRecord.ecosystem || advisory.ecosystem;
+      for (const version of packageRecord.versions) {
+        rows.push({
+          advisoryId: advisory.id,
+          title: advisory.title,
+          severity: advisory.severity,
+          type: advisory.type,
+          source: advisory.source,
+          published: advisory.published,
+          summary: advisory.summary,
+          ecosystem: ecosystem === 'mixed' ? 'npm' : ecosystem,
+          name: packageRecord.name,
+          version,
+          binaries: packageRecord.binaries || [],
+        });
+      }
+    }
+  }
+  return rows;
+}
+module.exports = {
+  SNAPSHOT_DATE,
+  advisories,
+  flattenAdvisories,
+};