A rapidly spreading malware wave has targeted the npm ecosystem, compromising nearly 500 packages and threatening the security of more than 26,000 public open-source repositories on GitHub. Security experts have traced this campaign to a new strain of the Shai-Hulud worm, which reemerged over the weekend and demonstrates increased scale and automation compared to previous incidents. Attackers are exploiting stolen npm tokens to propagate malicious code, raising concerns about widespread exposure across the software supply chain and highlighting ongoing vulnerabilities in open-source development practices.
Recent incidents involving npm package security showed a lower scale of infection and a narrower set of affected repositories. Previous variants of Shai-Hulud and similar worms focused on cryptojacking rather than large-scale credential theft or extensive repository compromise. This current wave involves a broader attack scenario, targeting high-profile packages such as Zapier, ENS Domains, PostHog, and Postman, indicating a shift in attackers’ tactics toward wider exposure and data collection.
How Did the Attack Spread Through npm Packages?
The Shai-Hulud worm managed to propagate rapidly by leveraging stolen credentials, primarily using npm tokens to inject trojanized code into packages. The malware automates the infection process, creating malicious files during the preinstall phase and setting up public repositories that collect stolen data. According to researchers, the campaign is still active, with packages being compromised and subsequently removed, but not before being accessed in multiple real-world environments.
“We’ve observed multiple environments where these trojanized packages were downloaded before their removal from npm, suggesting active real-world exposure,” explained Merav Bar, a threat researcher at Wiz.
Which Projects and Developers Are Most at Risk?
High-profile and widely used npm packages were among those compromised, putting both major companies and everyday developers at risk. Security experts note that developers frequently store sensitive information such as GitHub tokens and cloud secrets in accessible locations within their build systems—making them particularly vulnerable.
“Build systems almost always have access to powerful tokens and the malware only needs one of them to propagate,” stated Ron Peled, chief operating officer at Sola Security. A significant portion of cloud and code environments were affected, based on the distribution of compromised packages.
Could Security Practices Have Prevented the Attack?
The timing of the attack coincided with npm’s planned revocation of classic tokens, aimed at tightening overall platform security. Researchers believe that had these new safeguards already been enforced, the spread and impact of Shai-Hulud might have been greatly reduced. The exposure of sensitive credentials on public platforms like GitHub raised the risk of further exploitation, though large-scale downstream attacks have not yet been identified. The automation and speed of this malware campaign, compared to previous attacks, show how quickly vulnerabilities in trusted software distribution channels can be exploited.
The incident underscores the persistent threat supply-chain attacks pose to the open-source community and emphasizes the need for vigilance among developers, regardless of project size. Automated propagation and credential harvesting tactics make it necessary for organizations and individuals to audit security practices regularly. As attacks on supply chains continue to grow in sophistication and scope, strategic measures—such as enforcing least privilege access for build systems, implementing environment variable scanning, and tightening credential management—are essential for reducing risk. Monitoring npm packages and repository dependencies should become part of standard operating procedures for any team using open-source software, particularly in collaborative and cloud-based projects.
