Likelihood: HIGH
Impact: HIGH
Treatment: MITIGATE
Confidence: Moderate
Likelihood is high because malicious packages remain live on npm as of publication, a typosquat against a 127M-weekly-download package raises the probability of accidental installation, and one cluster is attributed to a state-sponsored North Korean operation (PolinRider) with confirmed active GitHub repository compromise (~2,000 repos). Impact is high because successful installation yields persistent RAT/rootkit access plus exfiltration of SSH keys, GitHub CLI tokens, and Claude Code credentials, enabling lateral movement into source code repositories, CI/CD pipelines, and downstream customer-facing software.
Treatment rationale: Active, live malicious packages with confirmed state-nexus activity and direct exposure to developer toolchains demand immediate defensive action; residual risk is not acceptable at current exposure levels and transfer alone cannot address the operational and reputational consequences of a supply-chain compromise reaching production software.
Third-Party / Supply-Chain Risk
Per NIST SP 800-161, the npm registry functions as a fourth-party dependency channel: any organization consuming Node.js packages — directly or via transitive dependency — inherits exposure from registry-level compromise. The typosquat against postcss-selector-parser means the malicious packages can enter via automated dependency resolution without direct developer action. GitHub's platform is additionally affected as a distribution channel (~2,000 compromised repositories), meaning vendor-hosted CI/CD workflows, Actions pipelines, and shared GitHub CLI credentials are all potential ingress vectors into first-party environments. Organizations with containerized developer environments using Docker are also named in the affected scope, extending the supply-chain exposure surface.
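Added example (not part of the original report): a lockfile audit for the typosquat ingress path described above. It scans the "packages" map of a package-lock.json for names that closely resemble postcss-selector-parser; the sample lockfile, the lookalike names and the distance threshold are constructed assumptions, not indicators from this report.

```javascript
// Added example: audit a package-lock.json (v2/v3 "packages" map) for lookalike names.
const PROTECTED = ["postcss-selector-parser"]; // package named on this page

// Constructed sample lockfile; the three lookalike names are invented for illustration.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/postcss-selector-parser": { version: "6.0.0" },
    "node_modules/postcss-selector-parsers": { version: "1.0.0", hasInstallScript: true },
    "node_modules/a/node_modules/postcss_selector_parser": { version: "1.0.0" },
    // npm alias: the folder name looks harmless, the "name" field holds the real package
    "node_modules/css-helper": { name: "postcss-selectr-parser", version: "1.0.0" },
    "node_modules/postcss": { version: "8.0.0" },
  },
};

// Levenshtein distance using a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = up;
    }
  }
  return row[b.length];
}

// Collapse case and separators so "postcss_selector_parser" matches the protected name.
const normalize = (s) => s.toLowerCase().replace(/[-_.]/g, "");

function findLookalikes(lock, protectedNames = PROTECTED, maxDistance = 2) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // root project entry
    const i = path.lastIndexOf("node_modules/");
    // Prefer the recorded package name (set for aliases) over the install folder name.
    const name = entry.name || (i === -1 ? path : path.slice(i + 13));
    for (const target of protectedNames) {
      if (name === target) continue; // the genuine package
      const distance = editDistance(name.toLowerCase(), target);
      if (distance <= maxDistance || normalize(name) === normalize(target)) {
        findings.push({ path, name, resembles: target, distance,
                        hasInstallScript: Boolean(entry.hasInstallScript) });
      }
    }
  }
  return findings;
}
```

In CI, pass the parsed package-lock.json to findLookalikes and fail the build on any finding, so a lookalike pulled in by automated resolution is reviewed before install.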
Loss Exposure (illustrative)
Magnitude: high — illustrative $500K–$5M per exposed organization where developer credentials reach production repositories or customer-facing pipelines; lower end assumes contained credential reset and no code injection confirmed; upper end reflects discovery of malicious code in shipped software requiring customer notification and remediation
Frequency: For an organization with active npm-consuming development teams and no immediate package audit controls in place, illustrative contact frequency is moderate-to-high — one to several potential exposure events annually given the volume of packages involved and continued registry availability of malicious packages as of publication
Annualized: Illustrative ALE for moderate-to-high exposure organizations without current npm integrity controls is $200K–$1.5M, weighted by the probability that a live malicious package enters the build pipeline before detection and removal
Basis: Loss magnitude driven by: (1) credential exfiltration scope covering SSH, GitHub CLI, and Claude Code — each capable of granting repository write access; (2) rootkit and RAT persistence implying extended dwell time before detection, increasing investigation and remediation cost; (3) downstream customer notification costs if injected code reaches shipped software; (4) state-nexus activity suggesting targeted, not opportunistic, follow-on exploitation. Frequency driven by: live package availability on npm as of publication, typosquat mechanism requiring no user error beyond standard dependency resolution, and CI/CD automation that may install packages without human review. Figures are illustrative, not actuarial.
Illustrative estimate — not actuarially derived.
Insurance / Contractual / Legal — Potential Obligations
Potential triggers, not legal determinations. Verify with counsel/broker before acting.
• Exfiltration of developer credentials (SSH keys, GitHub tokens, Claude Code sessions) that can access repositories containing customer data or PII may invoke data breach notification obligations — verify with counsel.
• If compromised developer credentials are used to inject malicious code into software delivered to customers, downstream software supply-chain liability clauses in customer contracts may be triggered — verify with counsel.
• State-nexus attribution (North Korea / PolinRider) may invoke cyber-insurance policy exclusions for nation-state acts — verify with broker before assuming coverage applies.
• Compromise of CI/CD pipeline credentials used in regulated environments (e.g., PCI DSS, HIPAA-covered software) may trigger mandatory incident reporting to regulators or payment brands — verify with counsel.