A successful compromise gives attackers authenticated access to your cloud infrastructure using legitimate credentials, enabling data exfiltration, resource abuse (cryptomining, lateral movement), and potential destruction of cloud-hosted data or services. Organizations in regulated industries face breach notification obligations if cloud environments hosting personal, financial, or health data were accessed. The AI agent configuration persistence mechanism means remediation is not complete after a package upgrade alone, extending operational disruption and increasing the cost of incident response.
You Are Affected If
You use any of the following npm packages in development or CI/CD pipelines: mbt, @cap-js/db-service, @cap-js/postgres, or @cap-js/sqlite, with versions installed or updated on or after 2026-04-29
Your CI/CD pipelines run on GitHub Actions with OIDC trusted publishing configured without workflow-level restrictions on npm publish token issuance
Developer machines or CI/CD runners have cloud provider credentials configured (AWS, Azure, GCP, or Kubernetes) accessible to the build environment
Developers on affected machines use VS Code or Claude Code as their IDE or AI coding assistant, as agent configuration files are a targeted persistence vector
You have not yet audited and rotated cloud credentials accessible from environments where the affected packages were installed
Board Talking Points
Attackers compromised four widely used open-source SAP development tools and used them to steal cloud access credentials from any organization that installed the affected versions.
Security teams should rotate all cloud credentials exposed to affected build environments and audit AI coding tool configurations today — patched packages are available.
Organizations that do not act risk attackers retaining persistent access to cloud infrastructure through stolen credentials, even after the compromised packages are removed.
SOC 2 — CI/CD pipeline compromise and cloud credential exfiltration directly implicate availability, confidentiality, and change management trust service criteria for affected service organizations
ISO/IEC 27001 — Compromise of software supply chain and credential stores maps to Annex A controls A.8.29 (security testing in development), A.8.9 (configuration management), and A.8.12 (data leakage prevention)
GDPR / regional data protection — If cloud environments hosting personal data of EU residents were accessed using exfiltrated credentials, a 72-hour breach notification assessment is required under Article 33
