MITRE ATT&CK Technique
Description
Adversaries may manipulate software dependencies and development tools prior to receipt by a final consumer for the purpose of data or system compromise. Applications often depend on external software to function properly. Popular open source projects that are used as dependencies in many applications, such as pip and NPM packages, may be targeted as a means to add malicious code to users of the dependency.(Citation: Trendmicro NPM Compromise)(Citation: Bitdefender NPM Repositories Compromised 2021)(Citation: MANDVI Malicious npm and PyPI Packages Disguised) This may also include abandoned packages, which in some cases could be re-registered by threat actors after being removed by adversaries.(Citation: The Hacker News PyPi Revival Hijack 2024) Adversaries may also employ "typosquatting" or name-confusion by choosing names similar to existing popular libraries or packages in order to deceive a user.(Citation: Ahmed Backdoors in Python and NPM Packages)(Citation: Meyer PyPI Supply Chain Attack Uncovered)(Citation: Checkmarx-oss-seo) Additionally, CI/CD pipeline components, such as GitHub Actions, may be targeted in order to gain access to the building, testing, and deployment cycles of an application.(Citation: Unit 42 Palo Alto GitHub Actions Supply Chain Attack 2025) By adding malicious code into a GitHub action, a threat actor may be able to collect runtime credentials (e.g., via [Proc Filesystem](https://attack.mitre.org/techniques/T1003/007)) or insert further malicious components into the build pipelines for a second-order supply chain compromise.(Citation: OWASP CICD-SEC-4) As GitHub Actions are often dependent on other GitHub Actions, threat actors may be able to infect a large number of repositories via the compromise of a single Action.(Citation: Palo Alto Networks GitHub Actions Worm 2023) Targeting may be specific to a desired victim set or may be distributed to a broad set of consumers but only move on to additional tactics on specific victims.
Supported Platforms
Created
April 29, 2026
Last Updated
April 29, 2026
STIX Data
{'created': '2020-03-11T14:13:42.916Z',
'created_by_ref': 'identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5',
'description': 'Adversaries may manipulate software dependencies and '
'development tools prior to receipt by a final consumer for '
'the purpose of data or system compromise. Applications often '
'depend on external software to function properly. Popular '
'open source projects that are used as dependencies in many '
'applications, such as pip and NPM packages, may be targeted '
'as a means to add malicious code to users of the '
'dependency.(Citation: Trendmicro NPM Compromise)(Citation: '
'Bitdefender NPM Repositories Compromised 2021)(Citation: '
'MANDVI Malicious npm and PyPI Packages Disguised) This may '
'also include abandoned packages, which in some cases could be '
're-registered by threat actors after being removed by '
'adversaries.(Citation: The Hacker News PyPi Revival Hijack '
'2024) Adversaries may also employ "typosquatting" or '
'name-confusion by choosing names similar to existing popular '
'libraries or packages in order to deceive a user.(Citation: '
'Ahmed Backdoors in Python and NPM Packages)(Citation: Meyer '
'PyPI Supply Chain Attack Uncovered)(Citation: '
'Checkmarx-oss-seo)\n'
'\n'
'Additionally, CI/CD pipeline components, such as GitHub '
'Actions, may be targeted in order to gain access to the '
'building, testing, and deployment cycles of an '
'application.(Citation: Unit 42 Palo Alto GitHub Actions '
'Supply Chain Attack 2025) By adding malicious code into a '
'GitHub action, a threat actor may be able to collect runtime '
'credentials (e.g., via [Proc '
'Filesystem](https://attack.mitre.org/techniques/T1003/007)) '
'or insert further malicious components into the build '
'pipelines for a second-order supply chain '
'compromise.(Citation: OWASP CICD-SEC-4) As GitHub Actions are '
'often dependent on other GitHub Actions, threat actors may be '
'able to infect a large number of repositories via the '
'compromise of a single Action.(Citation: Palo Alto Networks '
'GitHub Actions Worm 2023)\n'
'\n'
'Targeting may be specific to a desired victim set or may be '
'distributed to a broad set of consumers but only move on to '
'additional tactics on specific victims. ',
'external_references': [{'external_id': 'T1195.001',
'source_name': 'mitre-attack',
'url': 'https://attack.mitre.org/techniques/T1195/001'},
{'description': 'Asi Greenholts. (2023, September '
'14). The GitHub Actions Worm: '
'Compromising GitHub Repositories '
'Through the Actions Dependency Tree. '
'Retrieved May 22, 2025.',
'source_name': 'Palo Alto Networks GitHub Actions '
'Worm 2023',
'url': 'https://www.paloaltonetworks.com/blog/cloud-security/github-actions-worm-dependencies/'},
{'description': 'Darren Meyer. (2025, May 28). PyPI '
'Supply Chain Attack Uncovered: '
'Colorama and Colorizr Name '
'Confusion. Retrieved September 24, '
'2025.',
'source_name': 'Meyer PyPI Supply Chain Attack '
'Uncovered',
'url': 'https://checkmarx.com/zero-post/python-pypi-supply-chain-attack-colorama/'},
{'description': 'Deeba Ahmed. (2025, June 2). '
'Backdoors in Python and NPM Packages '
'Target Windows and Linux. Retrieved '
'September 24, 2025.',
'source_name': 'Ahmed Backdoors in Python and NPM '
'Packages',
'url': 'https://hackread.com/backdoors-python-npm-packages-windows-linux/'},
{'description': 'MANDVI. (2025, April 22). Malicious '
'npm and PyPI Packages Disguised as '
'Dev Tools to Steal Credentials. '
'Retrieved September 24, 2025.',
'source_name': 'MANDVI Malicious npm and PyPI '
'Packages Disguised',
'url': 'https://cyberpress.org/malicious-npm-and-pypi-packages-disguised-as-dev-tools'},
{'description': 'Omer Gilm Aviad Hahami, Asi '
'Greenholts, and Yaron Avital. (2025, '
'March 20). GitHub Actions Supply '
'Chain Attack: A Targeted Attack on '
'Coinbase Expanded to the Widespread '
'tj-actions/changed-files Incident: '
'Threat Assessment . Retrieved May '
'22, 2025.',
'source_name': 'Unit 42 Palo Alto GitHub Actions '
'Supply Chain Attack 2025',
'url': 'https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack'},
{'description': 'OWASP. (n.d.). CICD-SEC-4: Poisoned '
'Pipeline Execution (PPE). Retrieved '
'May 22, 2025.',
'source_name': 'OWASP CICD-SEC-4',
'url': 'https://owasp.org/www-project-top-10-ci-cd-security-risks/CICD-SEC-04-Poisoned-Pipeline-Execution'},
{'description': 'Ravie Lakshmanan. (2024, September '
'4). Researchers Find Over 22,000 '
'Removed PyPI Packages at Risk of '
'Revival Hijack. Retrieved May 22, '
'2025.',
'source_name': 'The Hacker News PyPi Revival Hijack '
'2024',
'url': 'https://thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html'},
{'description': 'Silviu Stahie. (2021, November 8). '
'Popular NPM Repositories Compromised '
'in Man-in-the-Middle Attack. '
'Retrieved May 22, 2025.',
'source_name': 'Bitdefender NPM Repositories '
'Compromised 2021',
'url': 'https://www.bitdefender.com/en-gb/blog/hotforsecurity/popular-npm-repositories-compromised-in-man-in-the-middle-attack'},
{'description': 'Trendmicro. (2018, November 29). '
'Hacker Infects Node.js Package to '
'Steal from Bitcoin Wallets. '
'Retrieved April 10, 2019.',
'source_name': 'Trendmicro NPM Compromise',
'url': 'https://www.trendmicro.com/vinfo/dk/security/news/cybercrime-and-digital-threats/hacker-infects-node-js-package-to-steal-from-bitcoin-wallets'},
{'description': 'Yehuda Gelb. (2024, April 10). New '
'Technique to Trick Developers '
'Detected in an Open Source Supply '
'Chain Attack. Retrieved June 18, '
'2024.',
'source_name': 'Checkmarx-oss-seo',
'url': 'https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/'}],
'id': 'attack-pattern--191cc6af-1bb2-4344-ab5f-28e496638720',
'kill_chain_phases': [{'kill_chain_name': 'mitre-attack',
'phase_name': 'initial-access'}],
'modified': '2025-10-24T17:48:27.436Z',
'name': 'Compromise Software Dependencies and Development Tools',
'object_marking_refs': ['marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168'],
'revoked': False,
'spec_version': '2.1',
'type': 'attack-pattern',
'x_mitre_attack_spec_version': '3.3.0',
'x_mitre_contributors': ['Enis Aksu',
'Joe Gumke, U.S. Bank',
'Liran Ravich, CardinalOps'],
'x_mitre_deprecated': False,
'x_mitre_detection': '',
'x_mitre_domains': ['enterprise-attack'],
'x_mitre_is_subtechnique': True,
'x_mitre_modified_by_ref': 'identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5',
'x_mitre_platforms': ['Linux', 'macOS', 'Windows'],
'x_mitre_version': '1.3'}