UNC6426

UNC6426 leveraged keys from an August 2025 nx npm supply chain compromise to obtain a GitHub token and escalate to AWS administrator permissions in under 72 hours, leading to S3 data exfiltration and production resource destruction.