Attack

NPM supply chain attack compromises 17 popular React Native packages

Take action: If you're using any GlueStack @react-native-aria packages, check your package.json files and update to the latest safe versions. Then scan your systems for signs of compromise and review firewall logs for any suspicious outbound connections to unknown command-and-control servers. If you are a code publisher, make sure all your NPM publishing tokens are secure and have MFA enforced.


Learn More

A supply chain attack is compromising 17 widely-used GlueStack NPM packages under the @react-native-aria scope. The attack was discovered by cybersecurity firm Aikido Security.

The compromise began on June 6, 2025, at 9:33 PM GMT (4:33 PM EST) when attackers first targeted the @react-native-aria/focus package. Eight more packages were compromised between 00:37 and 00:48 GMT on June 7, followed by seven additional packages between 14:28 and 14:46 GMT the same day.

The attack vector was compromised access credentials. The attackers obtained outdated automation tokens that lacked two-factor authentication protection, allowing them to publish unauthorized versions directly to the NPM registry.

The attackers injected heavily obfuscated malicious code that functions as a remote access trojan (RAT) into the packages' source files. The malicious code was appended to the last line of the lib/index.js file, padded with numerous spaces to avoid detection when viewing the source code on the NPM website.

The injected malware provides attackers with system access capabilities, including:

  • Remote command execution via shell commands
  • Directory navigation and file system manipulation
  • File upload capabilities to attacker-controlled servers
  • Screenshot capture functionality
  • Cryptocurrency mining
  • Windows PATH hijacking through fake Python installation paths
  • Connection to command-and-control servers for receiving additional instructions

The compromised packages amount to over a million weekly downloads, including:

  • @react-native-aria/focus (100,000 weekly downloads),
  • @react-native-aria/interactions (125,000 weekly downloads),
  • @react-native-aria/utils (120,000 weekly downloads),
  • @react-native-aria/overlays (96,000 weekly downloads),
  • @react-native-aria/checkbox (81,000 weekly downloads), among others.

Aikido Security attributes this attack to the same threat actors responsible for compromising other NPM packages in recent weeks, including biatec-avm-gas-station, cputil-node, lfwfinance/sdk, lfwfinance/sdk-dev, and the rand-user-agent package compromised in May 2025.

Aikido Security researcher Charlie Eriksen attempted to notify GlueStack about the compromise by creating GitHub issues on the project repositories. The initial response was delayed because the attack took place during a weekend.

GlueStack revoked the compromised access token and marked the affected package versions as deprecated on NPM. A GlueStack developer explained that unpublishing the compromised versions wasn't possible due to dependent packages, so they deprecated the affected versions and updated the latest tags to point to safe, older versions instead.

Given the packages' popularity and enterprise adoption, security experts consider this a potentially catastrophic supply chain attack. Organizations using any of the compromised package versions are advised to immediately check firewall logs for suspicious command-and-control server connections, update to safe package versions, and scan systems for indicators of compromise.
