Shai-Hulud’s ‘Second Coming’ npm Malware Infects Popular Developer Packages 

Summary 

The Shai-Hulud malware campaign has struck again, this time hitting the npm ecosystem with a massive second supply-chain attack affecting nearly 500 npm packages, including prominent packages from Zapier, ENS, AsyncAPI, PostHog, Postman, kvytech and others.

This attack leverages a self-replicating worm that executes during the pre-install phase to steal sensitive developer secrets and propagate rapidly through compromised developer environments. The attackers have publicly exposed the stolen secrets in randomly named GitHub repositories, increasing the risk for developers and enterprises that rely on these npm packages.

Issue Details 

The second wave of Shai-Hulud, dubbed the “Second Coming” by the attackers, was detected starting November 24, 2025, just before npm’s December 9 deadline to revoke legacy tokens. This campaign infected up to 100 packages per iteration, significantly more aggressive than the initial attack in September, which affected around 20 packages at a time. Notable compromised packages include core AsyncAPI modules, go-template, and packages from the PostHog and Postman ecosystems, among others. The malware operates by installing malicious scripts, setup_bun.js and bun_environment.js, that run destructive payloads, including wiping files if authentication fails.

Initial exposed repositories (image not included; source: www.aikido.dev)

Malware Behavior 

  • Executed as part of the pre-install process, increasing reach and bypassing static code scans on build systems 
  • Runs TruffleHog to automatically scan and steal credentials such as GitHub tokens, npm tokens, cloud (AWS, GCP, Azure) keys and CI/CD secrets 
  • Publishes stolen secrets to randomly named public GitHub repositories labeled “Sha1-Hulud: The Second Coming” 
  • Attempts to propagate by publishing malicious package versions to npm using stolen credentials 
  • If unable to authenticate, attempts to wipe the user’s home directory, escalating the attack from espionage to sabotage 

Affected packages (examples by namespace):

  Namespace   Affected packages (examples)
  asyncapi    @asyncapi/diff, nodejs-ws-template, dotnet-rabbitmq-template, optimizer, modelina-cli, etc.
  posthog     @posthog/event-sequence-timer-plugin, bitbucket-release-tracker, postgres-plugin, twilio-plugin, cli, etc.
  actbase     @actbase/node-server, react-native-devtools, native, rrweb-record, plugin-server, etc.
  postman     @postman/csv-parse, tunnel-agent, pm-bin-macos-arm64, aether-icons, postman-mcp-cli, etc.
  kvytech     @kvytech/medusa-plugin-promotion, components, cli, medusa-plugin-management, web, etc.

Indicators of Compromise 

  • Presence of malicious files: setup_bun.js and bun_environment.js in package directories 
  • Public GitHub repos with secret dumps labeled “Sha1-Hulud: The Second Coming” 
  • Unusual npm publish activity linked to compromised packages 
  • Unauthorized GitHub Actions workflows 

Source: cybersecuritynews.com 

Recommendations –

  • Rotate Credentials – Revoke and regenerate all npm tokens, GitHub PATs and cloud service credentials (AWS, GCP, Azure). 
  • Audit Dependencies – Review your dependency trees (using package-lock.json, yarn.lock, etc.) to identify possibly compromised packages.  
  • Pin Package Versions – Lock down versions of npm packages to known-good releases (before the compromise) and avoid automatic upgrades.  
  • Harden CI/CD – Disable or strictly audit lifecycle scripts (like preinstall/postinstall), limit the use of GitHub tokens in CI and monitor for unexpected GitHub Actions workflows.  
  • Add MFA – Enforce phishing-resistant multi-factor authentication for all npm and GitHub accounts. 

Conclusion –
The “Second Coming” of the Shai-Hulud attack represents an escalation in both the scale and the sophistication of npm supply-chain threats. By exploiting pre-install execution and automated worm-like behavior, the malware can stealthily infect developer environments and compromise sensitive credentials, threatening the security of cloud infrastructure and development pipelines. Immediate mitigation by npm users and organizations is critical to reducing ongoing risk and preserving trust in open-source ecosystems.
