Shai Hulud npm Worm Infects 19,000 Packages in Major Supply Chain Attack – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

The Shai Hulud npm worm has re-emerged, launching an aggressive new attack on the software development world. This worm, which Hackread.com first reported in September 2025, returned this Monday, November 24, 2025, striking with dramatically increased intensity. This timing is notable as it occurs just before npm’s December 9 deadline to revoke old classic access tokens.

In September, the Shai Hulud attack compromised about 180 software libraries (repositories). However, security researcher Charlie Eriksen from Aikido Security detected the new wave early this morning (5:10 AM CET), seeing infected code projects skyrocket to over 19,000 in just a few hours. This represents a hundred-fold increase over the previous campaign.

Compromised Tools and Faster Attacks

The attack began with packages like go-template and 36 packages from AsyncAPI, quickly followed by those from PostHog and Postman. Among the first wave of over 60 compromised packages were the main tools for services like Zapier and the ENS platform. Specific affected items include packages such as @zapier/zapier-sdk, zapier-platform-core, @ensdomains/ensjs, ethereum-ens, and typeorm-orbit.

This new version of Shai Hulud is faster and more dangerous because the attackers learned from their previous attempt. They have streamlined their process for sending stolen data, “ditched the webhook bottleneck and now dump credentials straight to public GitHub repos,” explains Eriksen in the blog post shared with Hackread.com.

The malware’s primary goal is to steal credentials (sensitive access codes) from developers’ computers. According to Aikido’s investigation, these include critical access keys for major cloud services like Amazon Web Services (AWS), API keys, and tokens for platforms like GitHub and npm.

Victims Become Threats

The malware automatically scans both the local computer and connected cloud accounts, using the TruffleHog tool to “ransack developer machines” for every secret it can find. The infection turns victims into immediate threats, as any stolen npm or GitHub keys are instantly used to compromise more packages. This means each victim becomes “an attack vector in real-time,” making it the fastest-propagating attack yet recorded in the software supply chain.

Despite the scale, the attack’s overall impact was limited by the attackers’ own mistakes: the core malicious file, bun_environment.js, sometimes failed to bundle. The damage is still vast, however. In total, 425 packages were detected with signs of the new worm.

Over 19,000 public code repositories now contain stolen credentials, identified by the title “Sha1-Hulud: The Second Coming” in the description, and a total of over 26,300 repositories have been exposed. These affected packages have a combined total of 132 million monthly downloads (check the full list here).

Figure: Screenshots show 26.3k repositories exposed and the compromised GitHub repositories (Credit: Aikido Security)

Immediate Actions for Developers

The latest threat follows closely after researchers took down a fake version of the Prettier code formatter extension on the VSCode Marketplace, which had delivered Anivia Stealer in another developer-targeted attack.

This shows how developers are always the prime target of cybercriminals. To tackle the Shai Hulud threat, they must immediately uninstall compromised packages, rotate all credentials (GitHub, npm, cloud, and CI/CD secrets), audit dependencies, check GitHub for strange repos with the “Sha1-Hulud: The Second Coming” description, disable npm postinstall scripts in CI, and enforce MFA on all accounts.
