Summary: A large-scale malicious campaign, nicknamed the Shai-Hulud attack, has impacted the npm ecosystem with over 500 trojanized packages, including those packages maintained by CrowdStrike. The attack originated from a sophisticated phishing campaign that exploited the fundamental trust relationships within the npm ecosystem. 

The JavaScript ecosystem is under a massive threat following a major supply chain attack. Hence, millions of crypto users and developers are now at risk. With more than a billion of these packages downloaded already, thousands of blockchain wallets and applications could be suffer varying exploits.

• Malicious NPM updates spread malware that steals and replaces crypto addresses.
• Developers encouraged developer to cease on-chain operation and inspect HD wallets thoroughly.

The attackers injected malicious scripts that

• Run secret-scanning tools on developer systems, 

• Steal GitHub, npm and cloud credentials, 

• Insert persistent GitHub Actions workflows for long-term access, and 

• Exfiltrate sensitive data to attacker-controlled endpoints. 

This attack is ongoing and all users of npm packages should take immediate steps to secure tokens, audit their environments and verify package integrity. 

Issue Details 

Initial discovery on September 14, 2025, when suspicious versions of @ctrl/tinycolor and ~40 other packages were flagged. By September 16, the attack had spread to include CrowdStrike-namespaced packages and dozens from @ctrl, @nativescript-community, rxnt, @operato, and others. 

Malware behavior 

• Downloads and runs TruffleHog, a legitimate secret scanner. 

• Harvests secrets from local machines and CI/CD agents (npm tokens, GitHub PATs, AWS/GCP cloud keys). 

• Writes malicious workflows into .github/workflows (shai-hulud-workflow.yml). 

• Continuously exfiltrates findings to a fixed webhook endpoint or pushes them into new GitHub repos under the victim’s account. 

Attack Flow 

Here are some popular packages with affected versions 

Package	Version
@ctrl/ngx-codemirror	7.0.1, 7.0.2
@ctrl/tinycolor	4.1.1, 4.1.2
@crowdstrike/foundry-js	0.19.1, 0.19.2
@crowdstrike/logscale-dashboard	1.205.1, 1.205.2
@nativescript-community/sqlite	3.5.2 – 3.5.5
@nativescript-community/text	1.6.9 – 1.6.13
@nstudio/nativescript-checkbox	2.0.6 – 2.0.9
@nstudio/angular	20.0.4 – 20.0.6
eslint-config-crowdstrike	11.0.2, 11.0.3
remark-preset-lint-crowdstrike	4.0.1, 4.0.2

Attack Indicators 

Malicious Workflow Filenames 

• .github/workflows/shai-hulud-workflow.yml 

• .github/workflows/shai-hulud.yaml 

Exfiltration Endpoint 

• hxxps://webhook[.]site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7 

Hashes of Malicious Payloads 

SHA-256 Hash	Notes
46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09	Large batch, Sept 15–16
b74caeaa75e077c99f7d44f46daaf9796a3be43ecf24f2a1fd381844669da777	CrowdStrike-related packages burst (Sept 16)
de0e25a3e6c1e1e5998b306b7141b3dc4c0088da9d7bb47c1c00c91e6e4f85d6	First observed compromise (Sept 14)
81d2a004a1bca6ef87a1caf7d0e0b355ad1764238e40ff6d1b1cb77ad4f595c3	Sept 14 small burst
83a650ce44b2a9854802a7fb4c202877815274c129af49e6c2d1d5d5d55c501e	~25 packages, Sept 14
4b2399646573bb737c4969563303d8ee2e9ddbd1b271f1ca9e35ea78062538db	Burst of ~17 packages, Sept 14–15
dc67467a39b70d1cd4c1f7f7a459b35058163592f4a9e8fb4dffcbba98ef210c	Multiple reuse across Sept 15–16

Recommendations: 

Organizations and developers using npm should take immediate actions: 

1. Uninstall or downgrade 
   Pin dependencies to known-safe versions until patched releases are confirmed. 

2. Rotate credentials 
   Immediately revoke and reissue: 

• npm access tokens 

• GitHub personal access tokens / org tokens 

• Cloud credentials (AWS, GCP, Azure) 

3. Audit systems 

• Inspect developer machines and CI/CD build agents for signs of the malicious bundle.js. 

• Check .github/workflows for unauthorized files named “shai-hulud-*”. 

• Review repositories for suspicious commits or new repos labeled “Shai-Hulud Migration”. 

4. Monitor and log 

• Search event logs for unusual npm publish activity. 

• Investigate GitHub Actions runs designed to exfiltrate secrets. 

5. Harden pipelines 

• Pin package versions and use integrity checks (e.g.- lockfiles, checksums). 

• Limit exposure of sensitive tokens in build environments. 

• Rotate all build-related secrets regularly. 

 
Conclusion 
This incident is significant compromises in the npm ecosystem, impacting hundreds of widely used packages across various namespaces.

The attackers’ tactics such as credential theft, manipulation of GitHub workflows, and widespread package propagation, highlighting the growing sophistication of modern supply chain attacks.

Developers and organizations are strongly advised to take immediate action by removing affected package versions, rotating any exposed secrets, auditing their build environments and strengthening CI/CD security. Continuous monitoring and rapid response are essential to reducing risk and maintaining trust in open-source software. 

The attack’s browser API-level operation revealed critical blind spots in enterprise security monitoring, particularly for organizations handling cryptocurrency transactions.

References: 

• https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm-packages 

• https://thehackernews.com/2025/09/40-npm-packages-compromised-in-supply.html