Summary
Disclosed in August 2019, CVE-2019-15107 was an unauthenticated remote code execution backdoor in Webmin, a widely deployed web-based system administration tool that runs with root privileges. The backdoor existed in the password_change.cgi feature: a Perl qx() statement passed the unsanitized old (and in some versions expired) parameter from the password-change request straight to a shell, letting an unauthenticated attacker run arbitrary commands as root, with version 1.890 exploitable in its default configuration and 1.900 through 1.920 exploitable when password expiry was enabled. Critically, the malicious code was never present in Webmin's GitHub source, which remained clean; it was inserted directly into the build infrastructure that produced the official SourceForge release packages, so users who installed signed official builds were backdoored while anyone auditing the public Git source saw nothing wrong. Webmin later confirmed the code was added on its build server on two separate occasions, in April 2018 producing the 1.890 release and again in July 2018 reintroducing it into 1.900 through 1.920, meaning backdoored builds were distributed for over a year. The project released 1.930 on August 17, 2019 to remove the backdoor.
How to avoid it in your code
- Build release artifacts from verified source in clean, ephemeral CI and compare against Git.
- Publish and verify reproducible builds so packages match auditable source.
- Sign artifacts and verify provenance (SLSA) before installation.
- Harden and monitor build servers; treat them as high-value targets.
- Diff distributed packages against repository source to detect build-time injection.
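The last point is how CVE-2019-15107 would have been caught: the shipped tarball contained a password_change.cgi that no commit in Git produced. The following is an added example (not Webmin's own tooling) of that check: it hashes every file in a source tree (in practice a checkout or git archive of the release tag) and in the extracted release tree, then reports files that differ or exist only in the release; the directory layout, file contents and the "version" ignore entry are constructed for the demo.

```python
"""Detect build-time injection by diffing a distributed release tree against the
Git source it claims to be built from (added example, not Webmin's own code).
All paths and file contents below are constructed for the demonstration."""
import hashlib
import tempfile
from pathlib import Path


def tree_digests(root: Path, ignore=()) -> dict[str, str]:
    """Map each relative file path under root to its SHA-256 hex digest.
    Paths starting with any prefix in `ignore` (known build-generated files) are skipped."""
    digests = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if rel.startswith(tuple(ignore)):
            continue
        digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_trees(source: Path, release: Path, ignore=()) -> dict[str, list[str]]:
    """Return files only in the release, only in the source, and modified in the release.
    Anything under 'only_in_release' or 'modified' is not explained by Git history and
    needs review; a build-server edit to password_change.cgi shows up as 'modified'."""
    src, rel = tree_digests(source, ignore), tree_digests(release, ignore)
    return {
        "only_in_release": sorted(set(rel) - set(src)),
        "only_in_source": sorted(set(src) - set(rel)),
        "modified": sorted(p for p in src.keys() & rel.keys() if src[p] != rel[p]),
    }


def demo() -> dict[str, list[str]]:
    """Build two constructed trees: a 'git checkout' and a 'release tarball' whose
    password_change.cgi gained a line that was never committed to the repository."""
    with tempfile.TemporaryDirectory() as tmp:
        src, rel = Path(tmp, "git-src"), Path(tmp, "release")
        for root in (src, rel):
            (root / "acl").mkdir(parents=True)
            (root / "acl" / "acl-lib.pl").write_text("# acl helpers (constructed)\n")
            (root / "password_change.cgi").write_text("#!/usr/bin/perl\n# change password (constructed)\n")
        # Only the release copy carries the extra line: a build-time edit invisible in Git.
        with open(rel / "password_change.cgi", "a") as fh:
            fh.write("# line present only in the shipped build (constructed)\n")
        (rel / "version").write_text("1.890\n")  # generated at build time, so expected
        return compare_trees(src, rel, ignore=("version",))


if __name__ == "__main__":
    print(demo())  # {'only_in_release': [], 'only_in_source': [], 'modified': ['password_change.cgi']}
```

Keep the ignore list short and explicit; every entry is a file you are choosing not to verify, so generated files such as a version stamp should be the only thing in it.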
Related vulnerabilities
- HIGH GHSA-GV7W-RQVM-QJHR
esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY
- CRITICAL NPM-SHAI-HULUD-2-2025
A renewed wave of the Shai-Hulud worm, dubbed Shai-Hulud 2.0 or 'The Second Coming', began around November 21-24, 2025 and affected tens of thousands of GitHub repositories across roughly 350 unique users. The variant moved execution to the pre-install phase, dropped large heavily obfuscated payloads (setup_bun.js and bun_environment.js), and exfiltrated stolen secrets to public GitHub repositories described as 'Sha1-Hulud: The Second Coming'. As an aggressive fallback, it attempted to destroy the victim's entire home directory if credential theft failed.
- CRITICAL NPM-SHAI-HULUD-2025
Shai-Hulud was the first self-replicating worm to hit the npm ecosystem, disclosed around September 15, 2025. Beginning with the compromise of @ctrl/tinycolor (over 2 million weekly downloads), the malware harvested developer credentials (npm tokens, GitHub PATs, and AWS/GCP/Azure secrets) using the TruffleHog secret scanner, then automatically authenticated to npm and republished trojanized versions of every package the victim maintained, spreading exponentially without operator intervention. It exfiltrated stolen secrets to attacker webhooks and public GitHub repositories and established persistence via a malicious GitHub Actions workflow. More than 500 packages were ultimately compromised, including several CrowdStrike packages.
- CRITICAL NPM-QIX-CHALK-DEBUG-2025
On September 8, 2025, maintainer Josh Junon ('Qix') was phished via a fake npm 2FA-reset email from the spoofed domain support@npmjs.help, giving attackers control of his account. They published malicious versions of 18 foundational packages including chalk@5.6.1, debug@4.4.2, ansi-styles@6.2.2 and strip-ansi@7.1.1, which collectively account for over 2 billion weekly downloads, making it the largest npm supply chain attack by download volume. The injected payload was a browser-based crypto clipper that hooked fetch and XMLHttpRequest, used Levenshtein-distance matching to swap victim wallet addresses across Ethereum, Bitcoin, Solana, Tron, Litecoin and Bitcoin Cash, and hijacked window.ethereum/MetaMask transactions. The malicious versions were live for roughly two hours before removal.
- CRITICAL GHSA-CXM3-WV7P-598C
On August 26, 2025, attackers exploited a vulnerable GitHub Actions workflow (added Aug 21) susceptible to code injection via a crafted pull-request title to steal Nx's npm publishing token, then published malicious versions of nx (21.5.0, 20.9.0 and others) and several @nx plugins. The malware scanned the filesystem, collected credentials, npm/GitHub tokens, SSH keys and cryptocurrency wallets, and posted them to public GitHub repositories under victim accounts. Dubbed 's1ngularity', it was the first known supply chain attack to weaponize installed AI CLI tools (Claude, Gemini, q) for reconnaissance. The packages were live for about four hours and thousands of secrets were leaked.
- CRITICAL NPM-GLUESTACK-REACT-NATIVE-ARIA-2025
Starting June 6, 2025, a threat actor used a leaked npm access token belonging to a maintainer without 2FA to publish malicious versions of 16-17 React Native Aria and gluestack-ui packages with over 1 million combined weekly downloads. The packages were backdoored with obfuscated Remote Access Trojan (RAT) code hidden using whitespace obfuscation, establishing command-and-control infrastructure and persistence on compromised systems. The same payload was tied to a broader campaign also hitting PyPI; end-user impact was limited by the frontend nature of the libraries and a response within 48 hours.