Clankerusecase
MITRE ATT&CK detection coverage
 ← Back to main site
Home/ MITRE Matrix/ Credential Access/ T1552.001

T1552.001Credentials In Files

T1552.001 — Credentials In Files is a MITRE ATT&CK technique in the Credential Access tactic. Clankerusecase tracks 100 detection use cases covering it and 72 threat-intel articles citing it.

Credential Access
View on the matrix → Filter Detection Library MITRE official spec ↗
100Use cases
72Articles
0Sub-techniques
1Tactic
↑ Parent technique: T1552 · Unsecured Credentials

Use cases covering this technique (100)

Azure Key Vault keys / secrets read Internal actions · alerting DD [WEEKLY] Cross-category credential-store enumeration with rapid egress to anonymizing tunnel/CDN Internal actions · alerting DSPDD [WEEKLY] Developer interpreter / package-manager process exfiltrating tokens to public code-hosting / worker domains Internal install · alerting DSPDDCSCW [WEEKLY] Install-Triggered Registry Publish or Git Push (Supply-Chain Worm Self-Propagation) Internal actions · alerting DSPDDCSCW [WEEKLY] npm-install spawned process performing cred-file fan-out plus IMDS reach Internal actions · alerting DSPDDCSCW [WEEKLY] npm Install-Time Lifecycle Hook Triggers Outbound Egress to Newly-Seen Domain (Shai-Hulud/Miasma/IronWorm pattern) Internal install · alerting DSPDD [WEEKLY] npm/yarn/pnpm Install-Hook Spawn → Credential-Store Read or Worm-Payload Drop in node_modules Internal install · alerting DSΣPDD [WEEKLY] Package install lifecycle hook spawns interpreter that reads developer credential stores Internal install · alerting DSPDDCS [WEEKLY] Package-install lifecycle script harvests local credentials and beacons to a non-baselined domain Internal install · alerting DSPDD [WEEKLY] Package-manager child process credential fan-out with public egress (Mini Shai-Hulud / TeamPCP worm chain) Internal install · alerting DSPDD [WEEKLY] Package Manager / Dev-Tool Auto-Execution Triggers Non-Registry Egress or Credential-Store Access Internal install · alerting DSPDD [WEEKLY] Package-manager install hook spawns interpreter that beacons to non-registry host within 120s Internal install · alerting DSPDD [WEEKLY] Package Manager Install Hook Spawns Scripting Interpreter Then Touches Credential Files or Egresses Off-Registry Internal install · alerting DSPDD [WEEKLY] Package-Manager Install -> Interpreter Child -> Non-Registry Egress Within 5 Minutes Internal install · alerting DSPDD [WEEKLY] Package-manager install-time interpreter spawn with credential-file read and outbound egress within 120s Internal install · alerting DSPDD [WEEKLY] Package manager lifecycle hook spawns network-fetching shell or runtime Internal install · alerting DSΣPDD [WEEKLY] Supply-chain repo credential theft → outbound exfil to attacker infra Internal actions · alerting DSPDD MCP Github Suspicious Operation ESCU actions · hunting P MCP Sensitive System File Search ESCU actions · hunting P Potential password in username ESCU actions · hunting P Shai-Hulud 2 Exfiltration Artifact Files ESCU actions · alerting P Windows Unusual FileZilla XML Config Access ESCU actions · hunting P Windows Unusual Intelliform Storage Registry Access ESCU actions · hunting P [LLM] Non-browser process fan-out reading SSH/npm/Docker/AWS/browser credential stores on Arch host Bespoke actions · hunting DSPDDCS [LLM] Atomic Arch infostealer — bulk reads of SSH/npmrc/Vault/browser-cookie files by non-shell process Bespoke actions · hunting DSPDDCS [LLM] TruffleHog binary spawned by npm/node — Shai-Hulud secret harvest Bespoke actions · alerting DSΣPDDCS [LLM] AI coding agent descendant reading developer credentials / env (Agentjacking credential access) Bespoke actions · hunting DSΣPDDCS [LLM] PowerShell process invoking LDAP:// with hardcoded plaintext credential Bespoke actions · alerting DSΣPDDCS [LLM] OpenClaw agent runtime reads secrets store (.env / .aws / id_rsa) followed by external network egress Bespoke actions · alerting DSPDDCS [LLM] Bun runtime egress to npm/PyPI publish endpoints or attacker-controlled GitHub repos Bespoke c2 · hunting DSΣPDDCS [LLM] npm install-time process reads .npmrc, SSH key, or cloud-credential file Bespoke actions · alerting DSPDDCS [LLM] Meta Graph API request with access_token in URL query string (CVE-2026-48039 leak signature) Bespoke c2 · alerting DSΣPDDCS [LLM] npm publish / login / auth-token write from a developer endpoint Bespoke actions · hunting DSPDDCS [LLM] Cross-platform memory scraping of GitHub Actions Runner.Worker process Bespoke actions · hunting DSPDDCS [LLM] Node child of node-gyp/python making outbound to GitHub dead-drop or anomalous web service during install Bespoke exfil · hunting DSPDDCS [LLM] Bun runtime reading developer credential files (.npmrc / .pypirc / .ssh / .env / cloud configs) Bespoke actions · alerting DSPDDCS [LLM] Claude Code Action Read tool exfil: node opens /proc/<pid>/environ on Linux CI runner Bespoke exploit · alerting DSΣPDDCS [LLM] Claude Code Read tool steered to cloud-credential files on GitHub Actions runner Bespoke exploit · alerting DSΣPDDCS [LLM] Cloud/SSH/npm credential file access by Node or Bun during npm install Bespoke actions · hunting DSPDDCS [LLM] Cloud IMDS credential harvesting from node/bun process on CI runner Bespoke actions · alerting DSΣPDDCSCW [LLM] Cloud credential file access by node/python runtime Bespoke actions · hunting DSΣPDDCS [LLM] Process reading /proc/<pid>/mem of GitHub Actions Runner.Worker (in-memory secret extraction) Bespoke actions · alerting DSΣPDDCS [LLM] Kubernetes API curl/wget with ServiceAccount token from container Bespoke actions · alerting DSΣPDDCSCW [LLM] Vulnerable praisonai-platform deployment hunt (uvicorn launching praisonai_platform.api.app) Bespoke install · hunting DSΣPDDCS [LLM] PraisonAI Python subprocess spawns OS shell with discovery / credential-reading commands Bespoke exploit · alerting DSPDDCS [LLM] Container default credential leak — PKP_DB_PASSWORD=changeMePlease and --secret Bespoke weapon · hunting DSΣPDDCS [LLM] Mini Shai-Hulud npm worm exfil to filev2.getsession.org Bespoke actions · alerting DSPDDCS [LLM] npm/yarn/pnpm postinstall hook spawning credential-harvest tooling Bespoke install · hunting DSΣPDDCS [LLM] Shai-Hulud npm postinstall reads cloud credential files (~/.aws, ~/.ssh, ~/.kube, gcloud ADC) Bespoke install · alerting DSΣPDDCS [LLM] Non-Codex-CLI node process reading ~/.codex/auth.json (Codex OAuth credential theft) Bespoke actions · alerting DSΣPDDCS [LLM] npm/bun process writing GitHub Actions workflow files (worm secret-exfil injection) Bespoke actions · hunting DSΣPDDCS [LLM] Megalodon harvester: bash secret-grep across workspace (API_KEY|SECRET|TOKEN|PRIVATE_KEY|BEGIN RSA) Bespoke actions · hunting DSΣPDDCS [LLM] Megalodon harvester: clustered read of ~/.ssh/id_*, ~/.kube/config, ~/.npmrc, ~/.docker/config.json in one session Bespoke actions · hunting DSPDDCS [LLM] Developer credential store read by Python or Node spawned from VS Code (Nx Console stealer pattern) Bespoke actions · hunting DSPDDCS [LLM] Compromised @cap-js stealer artefact hash present on disk or in execution Bespoke install · hunting DSΣPDDCS [LLM] VS Code extension host fan-out reads of developer secrets (.ssh, .aws, .npmrc, ~/.claude/settings.json) Bespoke actions · hunting DSPDDCS [LLM] Burst credential-file harvest by VS Code / node process (Nx Console stealer behaviour) Bespoke actions · hunting DSPDDCS [LLM] Python Process Reading Multi-Cloud Credential Stores (durabletask Stealer Stage) Bespoke actions · hunting DSPDDCS [LLM] HAXcms CVE-2026-46395: unauthenticated GET to /system/api/connectionSettings Bespoke exploit · alerting SΣPDDCS [LLM] GitHub Actions Runner.Worker process-memory secret scraping via /proc Bespoke actions · hunting DSΣPDDCS [LLM] python3 reading /proc/<PID>/mem to scrape Runner.Worker secrets Bespoke actions · alerting DSΣPDDCS [LLM] Node.js process bulk-reading cloud & SCM credential files in single session Bespoke actions · hunting DSPDDCS [LLM] Arcane GitOps: non-admin PUT on /api/customize/git-repositories/{id} followed by /test, /branches, or /files within 5 min (CVE-2026-45625 cr Bespoke actions · alerting SPDD [LLM] node.js process staging credential dump in nt-* temp directory Bespoke actions · hunting DSΣPDDCS [LLM] Node/npm/Bun process enumerating cloud, wallet, AI, and messaging credential file paths Bespoke actions · hunting DSPDDCS [LLM] Mini Shai-Hulud: Bun runtime executing `router_runtime.js` (2nd-stage stealer) Bespoke actions · alerting DSΣPDD [LLM] Mini Shai-Hulud known SHA256 IOC match (setup.mjs / execution.js / runner-memory dumper) Bespoke install · hunting DSΣPDD [LLM] Node.js postinstall reading .env / .env.* during package install Bespoke actions · alerting DSPDDCS [LLM] Credential archive staging — trin.tar.gz created by python process Bespoke actions · alerting DSΣPDDCS [LLM] Shai-Hulud preinstall: node/npm spawning git/curl/gh pushing to attacker repo or GitHub API Bespoke actions · hunting DSPDDCS [LLM] Read of /proc/<pid>/mem targeting GitHub Runner.Worker (TeamPCP credential dump) Bespoke actions · alerting DSΣPDD [LLM] hackerbot-claw token exfiltration: curl POST with GITHUB_TOKEN to recv.hackmoltrepeat.com Bespoke actions · alerting DSΣPDDCS [LLM] Access to OpenClaw credential store (~/.openclaw/credentials/, ~/.openclaw/config.json5) Bespoke actions · alerting DSΣPDDCS [LLM] In-cluster Kubernetes secret enumeration with Python user-agent (litellm stealer K8s pivot) Bespoke actions · alerting DSΣPDDCS [LLM] TeamPCP exfiltration archive — tpcp.tar.gz file creation on host Bespoke actions · alerting DSΣPDD [LLM] GitHub Actions runner credential stealer: python3 base64-decoded payload reading /proc/<pid>/mem Bespoke actions · hunting DSPDD [LLM] TeamPCP Linux credential harvest: Python reading /etc/shadow + auth.log + cloud Bespoke actions · hunting DSPDDCS [LLM] Exfiltration to kubernetes-el attacker webhook.site UUIDs (Pwn Request payload) Bespoke c2 · alerting DSΣPDD [LLM] Storybook portable-stories RCE — vitest/node spawning shell, recon or secret-grep child (CVE-2026-27148) Bespoke exploit · alerting DSΣPDDCS [LLM] s1ngularity Nx postinstall — `gh auth token` spawned by node/npm on CI runner Bespoke install · alerting DSΣPDDCS [LLM] tj-actions/changed-files compromise: memdump.py secret-exfiltration shell pattern on runner (CVE-2025-30066) Bespoke actions · alerting DSΣPDD [LLM] AI agent skill leaks Stripe key or card PAN/CVC verbatim in curl command line Bespoke actions · alerting DSΣPDDCS [LLM] AI session-log harvest via prompt-log extract.sh writing markdown with embedded secrets Bespoke actions · alerting DSΣPDDCS [LLM] AI agent process reads cloud-credential, SSH or dotenv files (skill credential theft) Bespoke actions · hunting DSPDDCS [LLM] AI CLI tool (claude/gemini/q) spawned non-interactively by node/npm/npx for recon Bespoke actions · alerting DSΣPDDCS [LLM] Shai-Hulud 3.0 'Goldox-T3chs' GitHub exfiltration marker observed Bespoke actions · alerting DSΣPDDCS [LLM] TruffleHog secret-scanner execution on developer / CI host (SHA1-Hulud credential harvest) Bespoke actions · alerting DSΣPDDCS [LLM] TruffleHog spawned by node/npm as postinstall — Shai-Hulud credential sweep Bespoke actions · alerting DSΣPDD [LLM] s1ngularity nx: AI CLI assistant invoked with permission-bypass flags (Claude/Gemini/Q) Bespoke actions · alerting DSΣPDD [LLM] GhostAction curl/wget POST of CI/CD secret token to Plesk endpoint Bespoke actions · alerting DSΣPDDCS [LLM] GhostAction GitHub workflow secret-enumeration commit pattern Bespoke weapon · hunting DSPDDCS [LLM] TruffleHog secret-scanner executed by node/npm postinstall context Bespoke actions · alerting DSΣPDDCS [LLM] Postinstall node child enumerating multiple developer credential stores Bespoke actions · hunting DSPDDCS [LLM] AI coding agent CLI (claude/gemini/q) invoked with permission-bypass flags Bespoke actions · alerting DSΣPDDCS [LLM] Runner.Worker process memory dump via memdump.py on CI/CD runner (tj-actions credential theft) Bespoke actions · alerting DSΣPDDCS [LLM] Linux process opens /proc/<pid>/mem or /proc/<pid>/maps on a build/CI host (CVE-2025-8217 / CVE-2025-30066 memory dump TTP) Bespoke actions · alerting DSΣPDD [LLM] Scavenger loader/stealer SHA256 execution or drop on endpoint Bespoke install · alerting DSΣPDD [LLM] Runner.Worker process memory dumped via /proc/PID/mem read on Linux runner Bespoke actions · alerting DSΣPDDCS [LLM] Container PID 1 environment harvest via /proc/1/environ read Bespoke actions · hunting DSΣPDDCS [LLM] Assets running vulnerable crypto-js (<4.2.0) or crypto-es (<2.1.0) — CVE-2023-46233 / CVE-2023-46133 Bespoke exploit · hunting DSP

Articles citing this technique (72)

crit 400+ AUR Packages Hijacked: What the “Atomic Arch” Campaign Means for Supply-Chain Security art-14
high Over 400 Arch Linux packages compromised to push rootkit, infostealer art-25
crit Early Warning Signs of Supply-Chain Attacks Live in the Dark Web art-27
high Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code art-28
med Over 73,000 French govt employees affected in Tchap messenger breach art-35
high New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets art-41
high Miasma and Hades Are Spreading Now: Detect Them on Developer Machines with Suspicious Files art-45
high npm v12 delivers one of the biggest security improvements in years art-46
crit [GHSA / CRITICAL] CVE-2026-48039: Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token art-47
high GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks art-55
high Pythagora-io/gpt-pilot Compromised on GitHub - Shai-Hulud Credential Stealer Blocked by Python Linter art-78
crit Wait, binding.gyp Can Do What? Exploring npm's Weirdest Build System art-85
high Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer art-90
high Securing CI/CD in an agentic world: Claude Code Github action case art-117
crit [GHSA / CRITICAL] GHSA-jpvj-wpmj-h7rv: Supply chain compromise via malicious @cap-js/openapi art-123
crit Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign art-139
high Why EDR and proxy won’t save you from supply chain malware art-142
high Multiple redhat-cloud-services npm Packages compromised art-144
crit Containers on fire: from container escapes to supply chain attacks art-158
crit [GHSA / CRITICAL] CVE-2026-47410: praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery f art-163
crit [GHSA / CRITICAL] CVE-2026-47392: PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subpro art-166
crit What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant art-180
high What MDM can't protect on developer machines (and what to do about it) art-186
crit Out of the Crypt: The Evolving Cyber Extortion Economy art-193
high Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens art-194
high Why developer machines are now the number one target for supply chain attacks art-208
high Megalodon: Mass GitHub Actions Secret Exfiltration Across 5,500+ Public Repositories art-215
crit 5 Supply Chain Attacks in 48 Hours: Why Securing One Layer Is Not Enough art-230
crit [GHSA / CRITICAL] CVE-2026-46421: Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-serv art-235
crit The Wild West of VS Code extensions and how a poisoned extension breached GitHub art-236
high GitHub breached via a malicious VS Code extension: why developer devices are the real target art-238
crit The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised art-248
crit [GHSA / CRITICAL] CVE-2026-46395: HAXcms: Private Key Disclosure via Broken HMAC Implementation art-261
crit Mini Shai-Hulud strikes again: npm worm compromises hundreds of @antv packages art-267
med actions-cool/issues-helper GitHub Action Compromised: All Tags Point to Imposter Commit That Exfiltrates CI/CD Credentials art-268
crit Active Supply Chain Attack: Malicious node-ipc Versions Published to npm art-269
crit [GHSA / CRITICAL] CVE-2026-45625: Arcane Backend: Missing admin authorization on git repository endpoints allows non-admin users to exfiltra art-274
crit Malicious node-ipc versions published to npm in suspected maintainer account compromise art-284
crit TeamPCP's Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Compromises TanStack npm Packages art-312
crit Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools art-316
high Popular PyTorch Lightning Package Compromised by Mini Shai-Hulud art-339
crit Mini Shai-Hulud Targets SAP npm Packages With a Bun-Based Secret Stealer art-345
high Someone published four versions of a fake "tanstack" package in 27 minutes to steal your .env files art-346
high Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers art-352
high Securing Vibe Coding and AI Coding Agents: An End-to-End Approach with StepSecurity art-395
crit Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack art-400
high hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far art-403
crit Cline Supply Chain Attack Detected: cline@2.3.0 Silently Installs OpenClaw art-404
crit litellm: Credential Stealer Hidden in PyPI Wheel art-423
high Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags art-428
high Trivy Compromised a Second Time - Malicious v0.69.4 Release, aquasecurity/setup-trivy, aquasecurity/trivy-action GitHub Actions Compromised art-430
crit How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM art-443
high kubernetes-el Compromised: How a Pwn Request Exploited a Popular Emacs Package art-475
crit Persistent XSS/RCE using WebSockets in Storybook’s dev server art-494
high 10,000 Open-Source Projects Now Secured by Harden-Runner Community-Tier: A Milestone Three Years in the Making art-536
high Harden-Runner detection: tj-actions/changed-files action is compromised art-556
high 280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII art-573
crit Snyk Finds Prompt Injection in 36%, 1467 Malicious Payloads in a ToxicSkills Study of Agent Skills Supply Chain Compromise art-574
high 2025 in Review: The Evolution of Supply Chain Security & What's Next art-633
high The Holiday Whisper: Shai-Hulud 3.0 art-635
high SHA1-Hulud, npm supply chain incident art-686
crit Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages art-690
crit s1ngularity: Popular Nx Build System Package Compromised with Data-Stealing Malware art-778
high GhostAction Campaign: Over 3,000 Secrets Stolen Through Malicious GitHub Workflows art-785
high Zero-day Extensive NPM Package Compromise - Shai Hulud Supply Chain Attack art-789
high Weaponizing AI Coding Agents for Malware in the Nx Malicious Package Security Incident art-806
crit When 'Changed Files' Changed Everything: Our Black Hat 2025 Presentation on the tj-actions Supply Chain Breach art-815
crit Lessons from AWS CodeBuild’s Memory-Dump Incident (CVE-2025-8217) art-823
high Supply Chain Security Alert: num2words PyPI Package Shows Signs of Compromise art-824
crit Reconstructing the TJ Actions Changed Files GitHub Actions Compromise art-957
med Snyk Fetch the Flag CTF 2023 writeup: Protect The Environment art-1321
crit Weak Hash vulnerability discovered in crypto-js and crypto-es (CVE-2023-46233 & CVE-2023-46133) art-1349