10:30am, 29 September 2025
TLP Rating:
Widespread Supply Chain Compromise Impacting npm Ecosystem
After gaining initial access, the malicious cyber actor is deploying a payload that functions as a worm.
The malware reportedly scans the environment for sensitive credentials, including GitHub Personal Access Tokens (PATs) and application programming interface (API) keys for cloud services such as Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
The malware then:
- Exfiltrates the harvested credentials to an endpoint controlled by the actor.
- Uploads the credentials to a public repository named Shai-Hulud via the GitHub /user/repos API.
- Leverages an automated process to rapidly spread by authenticating to the npm registry as the compromised developer, injecting code into other packages, and publishing compromised versions to the registry.
What's happening
Systems affected
JavaScript npm packages.
What this means
Malicious actors are using self-propagating malware to compromise JavaScript npm packages.
What to look for
How to tell if you're at risk
Use the mitigation advice below to identify potentially malicious npm packages in your environment.
What to do
Mitigation
The following suggestions can be implemented to help identify and mitigate the issue:
- Conduct a dependency review of all software leveraging the npm package ecosystem.
- Check for package-lock.json or yarn.lock files to identify affected packages, including those nested in dependency trees.
- Search for cached versions of affected dependencies in artifact repositories and dependency management tools.
- Pin npm package dependency versions to known safe releases produced prior to Sept. 16, 2025.
- Immediately rotate all developer credentials.
- Mandate phishing-resistant multifactor authentication (MFA) on all developer accounts, especially for critical platforms like GitHub and npm.
- Monitor for anomalous network behaviour.
- Block outbound connections to webhook.site domains.
- Monitor firewall logs for connections to suspicious domains.
- Harden GitHub security by removing unnecessary GitHub Apps and OAuth applications, and auditing repository webhooks and secrets.
- Enable branch protection rules, GitHub Secret Scanning alerts, and Dependabot security updates.
More information
Additional links
- GitHub: Our plan for a more secure npm supply chain.
- Palo Alto Networks Unit 42: "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Updated September 18).
- Socket: Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages.
- ReversingLabs: Malware found on npm infecting local package with reverse shell.
If you require more information or further support, submit a report on our website or contact us on 0800 114 115.