New self-propagating SSC worm hits GitHub

JFrog’s Security Research team has identified a major escalation in the ongoing “Shai-Hulud” software supply chain attack, uncovering a new self-propagating worm actively targeting npm and GitHub repositories. So far, 181 newly compromised packages have been confirmed.

The attackers, referring to this wave as “Sha1-Hulud: The Second Coming,” have significantly advanced their tactics since the September variant. Instead of relying on predictable exfiltration repositories, the campaign now generates randomised repo names, making leaked secrets far harder for defenders to trace. The worm also carries a destructive payload, introducing privilege escalation, DNS hijacking, and a data-wiping routine triggered when no valuable credentials are found.

Once inside a developer’s environment, the worm automatically harvests secrets and repackages itself into every accessible npm package, enabling it to spread to other developers and organisations through normal development workflows.

For Australian businesses already contending with Shadow AI adoption, complex toolchains and tightening data-sovereignty expectations, Shai-Hulud underscores that modern breaches increasingly begin inside the software development process rather than at the network perimeter. Immediate remediation requires rotating all compromised environment tokens and imposing stricter controls on package ingress to limit further propagation.

JFrog’s researchers stress that Shai-Hulud remains an active and evolving threat. Their team will continue to publish updates on the campaign via its dedicated blog.

Security researcher Guy Korolevski said the latest variant represents a critical escalation for the npm ecosystem.

“The new wave of Shai Hulud supply-chain abuse marks a critical escalation in supply chain threats and yet another attack on the npm ecosystem. Beyond stealing credentials, this self-propagating worm now executes destructive data-wiping protocols if targets lack valuable tokens. With 181 new compromised packages identified by JFrog thus far, the risk is widespread. Immediate remediation requires rotating all compromised environment tokens. Furthermore, organizations must shift from reaction to prevention by enforcing a 14-day quarantine on new package versions, a proven buffer period that stops malicious updates like bun_environment.js from infiltrating your software supply chain.”
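Both the remediation advice above (stricter controls on package ingress) and the 14-day quarantine in Korolevski's comment come down to one check: never let a freshly published version into a build until it has aged. The following is an added example, not JFrog's tooling or code from the article. It takes the `packages` section of a `package-lock.json` and the per-version publish timestamps that the npm registry exposes in a packument's `time` field, and flags any resolved version younger than the quarantine window (or any version whose publish time cannot be found, treated as a failure to fail closed). The package names, versions and dates are constructed for the example; `SAMPLE_NOW` is an assumed reference date.

```python
"""Quarantine check for newly published npm package versions.

Added example (not JFrog's tooling): flag lockfile-resolved versions that are
younger than a quarantine window, using the publish timestamps the npm
registry returns in a packument's "time" field.
"""
from datetime import datetime, timedelta, timezone

QUARANTINE_DAYS = 14

# Assumed reference date for the constructed samples below.
SAMPLE_NOW = datetime(2025, 11, 24, 12, 0, tzinfo=timezone.utc)

# Constructed sample in the shape of the npm registry "time" field (keyed by
# version, plus "created"/"modified"). Names, versions and dates are invented.
SAMPLE_REGISTRY_TIMES = {
    "left-pad-ish": {
        "created": "2023-01-10T00:00:00.000Z",
        "modified": "2025-11-22T09:30:00.000Z",
        "1.4.0": "2024-03-05T12:00:00.000Z",
        "1.4.1": "2025-11-22T09:30:00.000Z",  # published two days before SAMPLE_NOW
    },
    "tiny-logger-ish": {
        "created": "2022-06-01T00:00:00.000Z",
        "modified": "2025-06-01T00:00:00.000Z",
        "2.0.0": "2025-06-01T00:00:00.000Z",
    },
}

# Constructed sample of the "packages" section of a lockfileVersion 2/3
# package-lock.json; only the fields this check needs are included.
SAMPLE_LOCKFILE = {
    "packages": {
        "": {"name": "app", "version": "0.1.0"},
        "node_modules/left-pad-ish": {"version": "1.4.1"},
        "node_modules/tiny-logger-ish": {"version": "2.0.0"},
    }
}


def parse_npm_time(value: str) -> datetime:
    """Parse the ISO-8601 UTC timestamps the registry uses (e.g. 2025-11-22T09:30:00.000Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)


def resolved_versions(lockfile: dict):
    """Yield (name, version) for every installed package in the lockfile.

    Keys look like "node_modules/foo", "node_modules/@scope/foo" or, for nested
    installs, "node_modules/foo/node_modules/bar"; the root entry ("") is skipped.
    """
    for path, entry in lockfile.get("packages", {}).items():
        if not path.startswith("node_modules/"):
            continue
        name = path.rsplit("node_modules/", 1)[1]
        yield name, entry["version"]


def find_quarantined(lockfile: dict, registry_times: dict, now: datetime,
                     days: int = QUARANTINE_DAYS) -> list:
    """Return (name, version, reason) for every version that must not be installed yet.

    A version is flagged when it was published less than `days` ago, or when no
    publish time is available at all (unknown provenance is treated as unsafe).
    """
    cutoff = now - timedelta(days=days)
    flagged = []
    for name, version in resolved_versions(lockfile):
        times = registry_times.get(name)
        if times is None or version not in times:
            flagged.append((name, version, "no publish time available"))
            continue
        published = parse_npm_time(times[version])
        if published > cutoff:
            age = (now - published).days
            flagged.append((name, version, f"published {age} day(s) ago"))
    return flagged


def suggested_before_date(now: datetime, days: int = QUARANTINE_DAYS) -> str:
    """Date (YYYY-MM-DD) to pass to `npm install --before=...` so npm itself
    refuses versions published after the quarantine cutoff."""
    return (now - timedelta(days=days)).strftime("%Y-%m-%d")


if __name__ == "__main__":
    for name, version, reason in find_quarantined(SAMPLE_LOCKFILE, SAMPLE_REGISTRY_TIMES, SAMPLE_NOW):
        print(f"BLOCK {name}@{version}: {reason}")
    print(f"enforce with: npm install --before={suggested_before_date(SAMPLE_NOW)}")
```

In a real pipeline the `time` dictionaries would come from fetching each package's packument from the registry; the sample data here stands in for that so the check runs offline. npm's own `--before=<date>` option provides the same policy at install time without extra tooling, which is what `suggested_before_date` computes.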
