Nx Compromised: Malware Uses Claude Code CLI to Explore the Filesystem
Original: Nx compromised: malware uses Claude code CLI to explore the filesystem
Key topics
A malicious code slipped into the popular Nx build system, sparking a heated debate about the perils of supply chain security and the trustworthiness of open-source tools. As commenters dug into the details, some raised eyebrows at the suspicious timing of the security alert blog post, with a few even suggesting it might be a clever ruse to get users to run the compromised code. Others chimed in with warnings about the dangers of post-install scripts and the importance of scrutinizing package dependencies. The discussion highlights the ongoing cat-and-mouse game between security researchers and malicious actors, with the community left to ponder the true motives behind the alert and the best ways to stay safe.
Snapshot generated from the HN discussion
Discussion Activity
Moderate engagementFirst comment
36m
Peak period
9
2-3h
Avg / period
3.5
Based on 39 loaded comments
Key moments
- 01Story posted
Aug 27, 2025 at 8:18 AM EDT
4 months ago
Step 01 - 02First comment
Aug 27, 2025 at 8:55 AM EDT
36m after posting
Step 02 - 03Peak activity
9 comments in 2-3h
Hottest window of the conversation
Step 03 - 04Latest activity
Aug 28, 2025 at 1:13 AM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
> Run semgrep --config [...]
> Alternatively, you can run nx –version [...]
Have we not learned, yet? The number of points this submission has already earned says we have not.
People, do not trust security advisors who tell you to do such things, especially ones who also remove the original instructions entirely and replace them with instructions to run their tools instead.
The original security advisory is at https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7... and at no point does it tell you to run the compromised programs in order to determine whether they are compromised versions. Or to run semgrep for that matter.
It seems a lot of general "wisdom" here is thrown by people who have not looked into this particular incident or are unfamiliar with js node dev in general.
Be weary of binary wasms though, harder to analyze. In the end, because it was published and npm allows you to see the history, we can all see.
Still, from a security standpoint, anything within a “package” that is compromised, compromises the package. Don’t install it. Wait for the fix.
Create a blog post about a security issue. Post it on HN and get upvotes. Find people who believe they might be affected. Let them run the affected program. Boom.
I'm not sure which is worse.
Good callout. Evidence so far points to `nx --version` itself being safe because this was in a post-install script but we changed the rec in our post.
We took the versions in the Github security advisory and compiled it into a Semgrep rule which is MIT-licensed: https://semgrep.dev/c/r/oqUk5lJ/semgrep.ssc-mal-resp-2025-08.... Semgrep rules can be overkill for these use cases but it can be convenient to have a single command to check for all affected versions across multiple packages, especially for our users who already have Semgrep installed. That's basically what I did on all our internal repos.
We updated the blog post to note the Semgrep rule is MIT licensed. And you can run locally with Semgrep (which is LGPL: https://github.com/returntocorp/semgrep) if you curl it and run `semgrep --config=rule.yaml`
Still, why does the payload only upload the paths to files without their actual contents?
Why would they not have the full attack ready before publishing it? Was it really just meant as a data gathering operation, a proof of concept, or are they just a bit stupid?
https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7...
Especially: given the .bashrc editing to cause shutdown. This thing is obviously trying to be as loud as possible, without being overly destructive.
https://semgrep.dev/solutions/secure-vibe-coding/
if software development is turning into their demo:
then I'm switching careers to subsistence farming and waiting for the collapseI have Ollama running on my local PC with 128GBs of RAM. If civilization collapses will my tribe be better off compared to a tribe that doesn't have a similar system running on solar power? I would think so. And if we have a local copy of Wikipedia (25GBs compressed, 150GBs uncompressed & with basic images), then we'd be infinitely better off.
My PC isn't anything special and is made of commodity parts.
The tribe members do not have to run ollama on their phones. My PC could be the server that they connect to over tribe wifi.
Capabilities of commodity PCs continue to grow every year. This appears to make a complete civilization collapse near impossible. As long as some of us survive the initial catastrophic event, and the planet can sustain human life, humanity will not be starting from scratch and will bounce back.
I worked at an enormous company that made embedded products. In the entire company, there were maybe ~12 engineers that knew how to boot up the various products. None of them were capable of booting all the devices. There was another team dedicated to preserving the knowledge they had because when one would retire they didn't even bother handing over all the knowledge. Only active product lines were transitioned to another employee. If a product line was brought back for a new contract and the bootloader was not already available, there were a huge number of man hours budgeted for that activity alone.
* https://news.ycombinator.com/item?id=45040126
* https://news.ycombinator.com/item?id=45040507
It only did run affected programs of course but it's so stupid to even talk about vscode in that case. if you used the affected nx versions you are affected no matter if you used vscode,webstorm, whatever ide of your liking. if you used a not affected nx version nothing happend no matter which vscode version you used.
I thought it was useful to include because:
* it can inform triage, if you use the extension you're more likely to be impacted * because it was VSCode, Workplace Trust actually partially mitigated this in at least 38 cases
I found the first submission on the story (https://news.ycombinator.com/item?id=45034496), which used a github url, and merged the thread into it - more explanation at https://news.ycombinator.com/item?id=45042727.
I'll put the two blog posts that people have been linking to in the top text there, so people can read them if they want.
* we'll re-up the post so that it goes to roughly the same place on the frontpage that this submission was at before merging. that relativizes the timestamp (here: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...), but I believe longcat's submission was first.
Sorry neuroo - I know it sucks to have a post doing well on HN's frontpage and them plummet. But users are disagreeing about which URL is best so it seems safest to pick the original/official source, and to give the 'credit' to the first submitter.