NowSecure is responding to a security incident related to a supply chain attack against the Postman software, which was recently disclosed by Postman in a blog post as the "Shai-Hulud 2.0 npm supply-chain attack." This incident involved the compromise of certain Postman-maintained NPM packages.
On November 26, 2025, we became aware that certain NowSecure CI/CD data was compromised by tainted NPM packages, and we initiated incident response procedures.
Data Impacted:
- Certain secret values (tokens/credentials) and non-secret variables in the CI/CD pipeline
- No evidence of customer data impact
Actions Taken by NowSecure:
- All potentially exposed tokens or credentials have been rotated across our systems
- Removed tainted NPM packages and pinned to known safe versions
- Reviewing logs to uncover unauthorized access (if any)
- Actively investigating any further potential impact on our environment
Current Status:
We are continuing to investigate, and our services remain fully operational and available.
At this time, our investigation finds that no personal information, customer data, or systems hosting customer data have been accessed by unauthorized parties. This notice is for customer information purposes; no action is required.
We will continue to monitor the situation and provide updates as they become available.