Home / Companies / Nx / Blog / Post Details
Content Deep Dive

Postmortem: Nx Console v18.95.0 supply-chain compromise

Blog post from Nx

Post Details
Company
Nx
Date Published
Author
Jack Hsu
Word Count
2,849
Company Posts That Month
3
Language
English
Hacker News Points
-
Post removed?
No
Summary

In a security incident involving the Nx Console VS Code extension, a malicious version (v18.95.0) was briefly published to the Visual Studio Marketplace and Open VSX registry on May 18, 2026, due to a supply-chain compromise originating from TanStack. The attack exploited a credential-stealing payload that had been silently exfiltrated from a contributor's machine, allowing an attacker to publish the malicious extension under the guise of a legitimate contributor. This version included a credential-harvesting payload that put users' sensitive information at risk. The extension was live for a short window—approximately 11 minutes on Visual Studio Marketplace and 36 minutes on Open VSX—before being unpublished, following rapid detection and response by maintainers. Despite the quick response, internal analytics suggest a potentially larger number of affected users than initially reported, prompting a comprehensive credential rotation and hardening of the publishing pipeline to prevent future incidents. The incident highlighted several security vulnerabilities, including insufficiently enforced release policies, lack of monitoring for suspicious activities, and the need for dual-approval processes in publishing workflows. It was determined that the Nx CLI, plugins, and Nx Cloud were not impacted by this breach.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Secrets Management 7 2,152 360 101 +18%
Kubernetes 2 1,965 371 106 -15%
Real-time 1 5,735 1,391 247 -9%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.