A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials, tokens, and secrets during installation. The packages appear safe when first downloaded, making them particularly difficult for security apps to identify.
According to researchers at Koi, the campaign has been active since at least August 2025 and involves 126 malicious packages published by multiple accounts. At least 86,000 downloads were recorded before the campaign was exposed this week, and more than 80 of the infected packages were still live at the time of disclosure.
What sets PhantomRaven apart is its use of a new technique the researchers call Remote Dynamic Dependencies (RDD). Unlike typical npm malware, which relies on visible dependencies or post-instal

The Register
