diff --git a/pkgs/tools/security/cdxgen/default.nix b/pkgs/tools/security/cdxgen/default.nix
index a71b6ba5fef2..4a641a7a5261 100644
--- a/pkgs/tools/security/cdxgen/default.nix
+++ b/pkgs/tools/security/cdxgen/default.nix
@@ -1,27 +1,67 @@
-{ lib
-, fetchFromGitHub
-, buildNpmPackage
+{ fetchFromGitHub
+, lib
+, makeWrapper
+, nodejs
+, nodePackages
+, pnpm_9
+, python3
+, stdenv
+, xcbuild
 }:
 
-buildNpmPackage rec {
+stdenv.mkDerivation (finalAttrs: {
   pname = "cdxgen";
-  version = "10.5.2";
+  version = "10.8.1";
 
   src = fetchFromGitHub {
-    owner = "AppThreat";
-    repo = pname;
-    rev = "v${version}";
-    sha256 = "sha256-CmX19UdmXTbmO+6nFzsFbZspmIWYFtcUVaA0j8iU7GI=";
+    owner = "CycloneDX";
+    repo = "cdxgen";
+    rev = "v${finalAttrs.version}";
+    hash = "sha256-PFvSHuIaHaGfKI5s7DOW1adSKpnURaQtk5lAO9lr1OM=";
   };
 
-  npmDepsHash = "sha256-Vd+zRExQFmmv9f8uWQFE/nWRs6y86nLFu5HrM6iCf7U=";
+  nativeBuildInputs = [
+    makeWrapper
+    nodejs
+    nodePackages.node-gyp # required for sqlite3 bindings
+    pnpm_9.configHook
+    python3 # required for sqlite3 bindings
+  ] ++ lib.optional stdenv.isDarwin [ xcbuild ];
+
+  pnpmDeps = pnpm_9.fetchDeps {
+    inherit (finalAttrs) pname version src;
+    hash = "sha256-IO7hn5xHdlQ+uyH8RWc7ZnnthXydCnMSde22YYMWOoc=";
+  };
+
+  buildPhase = ''
+    runHook preBuild
+
+    pushd node_modules/sqlite3
+    node-gyp rebuild
+    popd
+
+    runHook postBuild
+  '';
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/bin $out/lib
+    cp -r * $out/lib
+    makeWrapper ${nodejs}/bin/node "$out/bin/cdxgen" --add-flags "$out/lib/bin/cdxgen.js"
+    makeWrapper ${nodejs}/bin/node "$out/bin/cdxgen-evinse" --add-flags "$out/lib/bin/evinse.js"
+    makeWrapper ${nodejs}/bin/node "$out/bin/cdxgen-repl" --add-flags "$out/lib/bin/repl.js"
+    makeWrapper ${nodejs}/bin/node "$out/bin/cdxgen-verify" --add-flags "$out/lib/bin/verify.js"
+
+    runHook postInstall
+  '';
 
-  dontNpmBuild = true;
 
   meta = with lib; {
     description = "Creates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images";
-    homepage = "https://github.com/AppThreat/cdxgen";
+    mainProgram = "cdxgen";
+    homepage = "https://github.com/CycloneDX/cdxgen";
     license = licenses.asl20;
     maintainers = with maintainers; [ dit7ya ];
   };
-}
+})