
Shai-Hulud 2.0 Fuels Global NPM Supply-Chain Compromise

Red | Attack Report

Summary

The Shai-Hulud 2.0 supply-chain attack represents a critical escalation in npm ecosystem security threats, emerging in November 2025 as “The Second Coming” campaign. This sophisticated supply-chain compromise has infected hundreds of npm packages and exposed credentials from over 25,000 GitHub repositories worldwide. The Shai-Hulud 2.0 malware exploits preinstall lifecycle scripts to achieve early execution across developer machines and CI/CD pipelines, enabling rapid propagation through automated package republishing using stolen authentication tokens. The attack targets prominent organizations including Zapier, ENS Domains, AsyncAPI, PostHog, and Postman, demonstrating advanced automation capabilities and introducing destructive failsafe mechanisms that attempt to wipe user directories when propagation fails. This global npm supply-chain attack requires immediate credential rotation, comprehensive dependency auditing, and enhanced supply-chain security defenses across all affected environments.

Attack Details

The Shai-Hulud 2.0 supply-chain attack emerged in late November 2025 as a major escalation of the original npm compromise, targeting hundreds of npm packages maintained by prominent organizations across the open-source ecosystem. By exploiting preinstall lifecycle scripts, the Shai-Hulud 2.0 malware achieves early execution on developer machines and within CI/CD pipelines, enabling rapid infiltration and widespread propagation throughout the npm supply chain.

Once installed, the Shai-Hulud 2.0 attack deploys two JavaScript files leveraging a Bun-compatible runtime to execute its malicious payload. The payload actively scans compromised environments for sensitive credentials, including GitHub tokens, npm tokens, and cloud provider secrets from AWS, Azure, and GCP. Stolen credentials are exfiltrated through automatically created public GitHub repositories, often containing references to “Shai-Hulud: The Second Coming.” Using these stolen tokens, the worm republishes compromised npm packages, enabling self-replication across trusted maintainer accounts throughout the npm ecosystem.

A critical new feature in the Shai-Hulud 2.0 variant is its destructive fallback behavior. When authentication or propagation fails, certain variants attempt to erase user home directories, marking a significant departure from the stealth-focused approach of the original Shai-Hulud campaign. This destructive capability transforms the supply-chain compromise into a potential data-loss incident, significantly increasing the overall risk profile of the attack.

The scale of the Shai-Hulud 2.0 supply-chain attack is substantial: security researchers report over 25,000 affected GitHub repositories and 600–800 compromised npm packages, exposing vast quantities of secrets and developer environments. The attack demonstrates advanced automation, rapid replication capabilities, and early-execution tactics, underscoring the growing sophistication of supply-chain threats in modern software development environments. The campaign highlights critical vulnerabilities in npm lifecycle script execution and the urgent need for enhanced supply-chain security controls across the entire software development lifecycle.

Recommendations

Organizations relying on the npm ecosystem must immediately revoke and rotate all credentials potentially exposed in the Shai-Hulud 2.0 supply-chain attack. Assume all tokens accessible in developer machines or CI/CD pipelines may be compromised, including GitHub personal access tokens, npm tokens, cloud provider keys for AWS, GCP, and Azure, CI/CD secrets, and SSH keys. Enforce least-privilege scopes for all newly created tokens to minimize potential impact from future credential compromises.

Conduct comprehensive audits of npm dependencies and build pipelines to identify Shai-Hulud 2.0 infections. Review all npm packages, particularly recently updated or low-activity packages, for malicious preinstall or postinstall scripts. Reinstall dependencies from a clean state, validate package integrity using checksums, and consistently use pinned versions or lockfiles to prevent unauthorized package updates in the npm supply chain.

Inspect GitHub accounts for unauthorized activity resulting from the Shai-Hulud 2.0 compromise. Check for suspicious public repositories, unexpected commits, or malicious package publications. Remove unauthorized repositories immediately and investigate all signs of credential abuse or automated publishing activity. Rebuild affected environments from trusted baselines rather than attempting in-place remediation, as Shai-Hulud 2.0 variants may persist or destroy directories upon failure.

Strengthen supply-chain defenses against future npm attacks by disabling lifecycle scripts where possible, enforcing trusted publishing workflows, implementing Software Bill of Materials (SBOM) validation, requiring two-factor authentication for package maintainers, and adopting short-lived, scoped access tokens. Integrate real-time secret scanning and dependency monitoring into CI/CD pipelines to detect supply-chain compromises early and prevent propagation across development environments.

Indicators of Compromise (IoCs)

SHA256 Hashes:

  • 62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0
  • e0250076c1d2ac38777ea8f542431daf61fcbaab0ca9c196614b28065ef5b918
  • cbb9bc5a8496243e02f3cc080efbe3e4a1430ba0671f2e43a202bf45b05479cd
  • f1df4896244500671eb4aa63ebb48ea11cee196fafaa0e9874e17b24ac053c02
  • f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068
  • 46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09
  • b74caeaa75e077c99f7d44f46daaf9796a3be43ecf24f2a1fd381844669da777
  • dc67467a39b70d1cd4c1f7f7a459b35058163592f4a9e8fb4dffcbba98ef210c
  • 4b2399646573bb737c4969563303d8ee2e9ddbd1b271f1ca9e35ea78062538db
  • a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a

SHA1 Hashes:

  • d60ec97eea19fffb4809bc35b91033b52490ca11
  • 3d7570d14d34b0ba137d502f042b27b0f37a59fa
  • d1829b4708126dcc7bea7437c04d1f10eacd4a16

URLs:

  • hxxps[:]//webhook[.]site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7

Domains:

  • shai-hulud[.]xyz
  • hulud-sec[.]xyz
  • npm-sync-secure[.]net
  • env-dump-upload[.]net

File Names:

  • postinstall.js
  • env-dump.js
  • token-grab.js
  • npmrc-mod.js
  • update.js

MITRE ATT&CK TTPs

Initial Access:

  • T1195: Supply Chain Compromise
  • T1195.001: Compromise Software Dependencies and Development Tools

Execution:

  • T1059: Command and Scripting Interpreter
  • T1059.004: Unix Shell
  • T1059.007: JavaScript

Persistence:

  • T1078: Valid Accounts

Credential Access:

  • T1552: Unsecured Credentials

Discovery:

  • T1082: System Information Discovery
  • T1083: File and Directory Discovery

Command and Control:

  • T1071: Application Layer Protocol

Exfiltration:

  • T1567: Exfiltration Over Web Service
  • T1567.002: Exfiltration to Cloud Storage

Impact:

  • T1485: Data Destruction
  • T1486: Data Encrypted for Impact
  • T1070: Indicator Removal
  • T1070.004: File Deletion
