
2025 npm Supply Chain Attacks: A Security Nightmare

DEV Community

In 2025, the npm ecosystem faced three major supply chain attacks. A phishing email to a maintainer compromised packages such as chalk and debug, which together account for 2.6 billion weekly downloads. Another campaign used a stolen token to exfiltrate 2,349 credentials. A self-replicating worm, Shai-Hulud 2.0, infected 796 packages and threatened to wipe developers' home directories.

The attacks exploited npm's structural weaknesses: code that executes during install, a vast dependency tree (averaging 28 transitive dependencies per project), and a centralized trust model in which one compromised maintainer puts thousands of downstream projects at risk. This mirrors the 2016 left-pad incident, where a tiny package broke the internet and exposed JavaScript's lack of a mature standard library.

In response, npm revoked classic tokens and mandated granular access tokens and 2FA for publishers. Developers can reduce their exposure by enforcing a 3-day dependency cooldown in pnpm or Yarn, installing with `npm ci` against a committed lock file, and using auditing tools such as Dependabot. The Seattle Times reported zero impact after implementing these measures, demonstrating that process changes can block attacks even during a compromise window.
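As an added illustration of the cooldown rule (not code from the article or from npm, pnpm or Yarn), the following check reads a `package-lock.json` and each package's registry publish times and flags any resolved version published less than three days ago. The package names, versions and timestamps are constructed for the example.

```python
"""Dependency cooldown check: flag lockfile entries whose resolved version
was published within the last N days (or is unknown to the registry)."""
import json
from datetime import datetime, timedelta, timezone

COOLDOWN = timedelta(days=3)

# Constructed sample package-lock.json (lockfileVersion 3 layout).
# Package names and versions are made up for this example.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app"},
        "node_modules/example-colors": {"version": "5.6.1"},
        "node_modules/example-logger": {"version": "4.4.2"},
    },
})

# Constructed stand-in for the registry's per-package "time" map
# (the npm registry document for a package carries {"time": {version: iso8601}}).
SAMPLE_TIMES = {
    "example-colors": {"5.6.0": "2025-06-01T10:00:00.000Z",
                       "5.6.1": "2025-09-08T13:00:00.000Z"},
    "example-logger": {"4.4.2": "2025-03-15T08:30:00.000Z"},
}

def lock_entries(lock_json):
    """Yield (name, version) for every installed package in a v2/v3 lockfile;
    handles nested and scoped paths such as node_modules/a/node_modules/@s/b."""
    for path, meta in json.loads(lock_json).get("packages", {}).items():
        if path.startswith("node_modules/"):
            yield path.rsplit("node_modules/", 1)[1], meta["version"]

def too_young(lock_json, times, now, cooldown=COOLDOWN):
    """Return {name: version} for versions inside the cooldown window.
    A version missing from the registry time map is flagged as well."""
    flagged = {}
    for name, version in lock_entries(lock_json):
        published = times.get(name, {}).get(version)
        if published is None:
            flagged[name] = version
            continue
        ts = datetime.fromisoformat(published.replace("Z", "+00:00"))
        if now - ts < cooldown:
            flagged[name] = version
    return flagged

def check_sample(now_iso):
    """Run the check over the constructed data at a given UTC instant."""
    now = datetime.fromisoformat(now_iso).replace(tzinfo=timezone.utc)
    return too_young(SAMPLE_LOCK, SAMPLE_TIMES, now)

if __name__ == "__main__":
    print(check_sample("2025-09-09T12:00:00"))  # {'example-colors': '5.6.1'}
```

In practice the `times` map comes from the registry metadata for each package; a CI job that fails on a non-empty result gives the same 72-hour window the article attributes to pnpm and Yarn.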