Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
Summary
Hide ▲
Show ▼
The Shai-Hulud supply-chain campaign now includes a fresh PyPI wave that compromised 19 packages across 37 malicious releases, with popular bioinformatics tools such as Dynamo, Spateo, CoolBox, U-FISH, and Napari-UFISH among the affected packages. Socket said the malware uses a malicious **`*-setup.pth` startup hook and `_index.js` to trigger Python execution, download the Bun JavaScript runtime from GitHub, and steal developer secrets. The activity is being tracked alongside earlier Shai-Hulud operations because the techniques and exfiltration patterns overlap, including GitHub repositories for secret exfiltration and persistence across Linux and macOS**.
Related Happenings
North Korean Contagious Interview PolinRider supply-chain campaign
Campaign
H score51
First: 04.07.2026 14:17
Last: 04.07.2026 14:17
Sources 1
About this happening:
The **Contagious Interview / PolinRider** campaign is still active, with **108 unique packages and browser extensions** published across **npm, Packagist, Go, and Google Chrome**....
North Korean Contagious Interview PolinRider supply-chain campaign
CampaignAbout this happening: The **Contagious Interview / PolinRider** campaign is still active, with **108 unique packages and browser extensions** published across **npm, Packagist, Go, and Google Chrome**....
Shai-Hulud PyPI supply-chain malware activity
Malware Activity
H score22
First: 08.06.2026 23:41
Last: 08.06.2026 23:41
Sources 1
How related:
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets.
About this happening:
The **Shai-Hulud** supply-chain malware compromised **19 PyPI packages**, turning routine installs into secret-stealing execution and putting **developer credentials** at risk. Th...
Shai-Hulud PyPI supply-chain malware activity
Malware ActivityHow related: Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets.
About this happening: The **Shai-Hulud** supply-chain malware compromised **19 PyPI packages**, turning routine installs into secret-stealing execution and putting **developer credentials** at risk. Th...
Asteroiddao hit by network compromise
Incident
H score13
First: 04.06.2026 18:25
Last: 04.06.2026 18:25
Sources 1
About this happening:
**asteroiddao** suffered a compromised-account incident that let malicious npm package versions and repository commits seed a wider **supply-chain attack**. The account was used t...
Asteroiddao hit by network compromise
IncidentAbout this happening: **asteroiddao** suffered a compromised-account incident that let malicious npm package versions and repository commits seed a wider **supply-chain attack**. The account was used t...
IronWorm npm supply-chain infection and self-propagation
Malware Activity
H score15
First: 04.06.2026 18:25
Last: 04.06.2026 18:25
Sources 1
About this happening:
**IronWorm** is a **Rust** infostealer in a **npm supply-chain** activity that hides behind an **eBPF kernel rootkit**, communicates over **Tor**, and targets **86 environment var...
IronWorm npm supply-chain infection and self-propagation
Malware ActivityAbout this happening: **IronWorm** is a **Rust** infostealer in a **npm supply-chain** activity that hides behind an **eBPF kernel rootkit**, communicates over **Tor**, and targets **86 environment var...
Miasma GitHub and npm supply-chain campaign
Campaign
H score26
First: 02.06.2026 00:38
Last: 02.06.2026 00:38
Sources 1
About this happening:
The **Miasma** supply-chain campaign has expanded into **npm** and the **Go ecosystem**, with **malicious npm releases** affecting **LeoPlatform** and **RStreams** packages and a...
Miasma GitHub and npm supply-chain campaign
CampaignAbout this happening: The **Miasma** supply-chain campaign has expanded into **npm** and the **Go ecosystem**, with **malicious npm releases** affecting **LeoPlatform** and **RStreams** packages and a...
Latest development: 05.06.2026 21:05
A new Miasma wave is linked to 57 compromised npm packages across more than 286 malicious versions, with malicious installs abusing a 157-byte binding.gyp file for code execution during npm install and then staging additional payloads that inject persistent backdoor files into project repositories and target AI-assisted IDE workflows.
Timeline
-
12.05.2026 14:29 1 articles · 1mo ago
Malicious TanStack package wave spreads via stolen CI/CD credentials
Exploitation ObservedOn 2026-05-11, threat actors published multiple malicious packages in TanStack npm namespaces and spread the same credential-stealing payload to other projects using stolen CI/CD credentials, while making the releases appear legitimate with valid OIDC tokens and SLSA Build Level 3 provenance attestations.
Show sources
- Shai Hulud attack ships signed malicious TanStack, Mistral npm packages — www.bleepingcomputer.com — 12.05.2026 14:29
-
12.05.2026 14:29 2 articles · 1mo ago
Shai-Hulud analysis details payload stealth, persistence, and IOCs
Technical Analysis UpdateOn 2026-05-12, analyses identified a broad Shai-Hulud wave across npm, PyPI, and Composer that delivered the same credential-stealing payload through packages that looked legitimate because they carried valid SLSA provenance, valid Sigstore attestations, and legitimate GitHub Actions signatures, while some infections persisted through Claude Code hooks and VS Code auto-run tasks. Developers who installed affected packages were advised to treat GitHub, npm, AWS, Vault, and Kubernetes credentials as exposed, audit for router_runtime.js and setup.mjs, and block api.masscan.cloud, git-tanstack.com, and *.getsession.org.
Show sources
- Shai Hulud attack ships signed malicious TanStack, Mistral npm packages — www.bleepingcomputer.com — 12.05.2026 14:29
- Shai-Hulud Worm Clones Spread After Code Release — www.darkreading.com — 18.05.2026 22:53
-
25.11.2025 12:00 3 articles · 7mo ago
Shai-Hulud second wave targets Zapier and PostHog packages
Campaign Scope UpdateSecurity researchers said the Shai-Hulud "Second Coming" is targeting npm projects including Zapier and PostHog, has infected more than 700 packages with over 100 million downloads, and is scaling by creating new malicious package versions and attacker-controlled GitHub repositories. The new version can infect up to 100 npm packages, compared with 20 in the first wave.
Show sources
- New Shai-Hulud Worm Spells Trouble For npm Users — www.infosecurity-magazine.com — 25.11.2025 12:00
- GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories — thehackernews.com — 20.05.2026 07:01
- New Shai-Hulud attack trojanizes 19 science-focused PyPI packages — www.bleepingcomputer.com — 08.06.2026 23:41
-
24.09.2025 00:00 1 articles · 9mo ago
GitHub hardens npm publishing after Shai-Hulud
Mitigation Patch UpdateGitHub said it removed more than 500 compromised npm packages, blocked new packages carrying Shai-Hulud indicators of compromise, and will harden npm publishing by requiring local package publishing with 2FA, limiting granular tokens to seven days, favoring Trusted Publishers, deprecating classic tokens and TOTP, and removing the option to bypass 2FA for local publishing.
Show sources
- GitHub Aims to Secure Supply Chain as NPM Hacks Ramp Up — www.darkreading.com — 24.09.2025 00:00