This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

NPM supply chain attack detection?

AntonioSousa
DynaMight Guru
DynaMight Guru

‎11 Sep 2025 05:32 PM

Just wondering how, if, it is possible to detect situations like the one that involved NPM some days ago, with Dynatrace?
https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/

 

Antonio Sousa
Labels:
Reply
4 REPLIES 4

Kenny_Gillette
DynaMight Leader
DynaMight Leader

‎11 Sep 2025 05:55 PM

I was wondering the same thing

Dynatrace Certified Professional
0 Kudos
Reply

christian_kreuz
Dynatrace Advisor
Dynatrace Advisor

‎12 Sep 2025 01:02 PM

 

If you are monitoring logs of your CI/CD pipeline, NPM Cache / Proxy, or even Renovate, you might be able to find the log output containing one of these malicious packages:

fetch logs
| search "*is-arrayish*"

 

My advise is to check which systems are monitored, and then narrow down the filters to a specialized query for those systems.

You can then re-use that when the next supply chain attack hits the world.

Reply

AntonioSousa
DynaMight Guru
DynaMight Guru
In response to christian_kreuz

‎12 Sep 2025 01:46 PM

@christian_kreuz ,

Besides being affected or for forensics purposes, I was more wondering about detecting them before being impacted?

Antonio Sousa
0 Kudos
Reply

Kenny_Gillette
DynaMight Leader
DynaMight Leader
In response to christian_kreuz

‎12 Sep 2025 02:03 PM

So if I see this then there is still an issue?

Dynatrace Certified Professional
0 Kudos
Reply
Ask a question

Featured Posts