https://www.sonatype.com/blog/ongoing-npm-software-supply-chain-attack-exposes-new-risks
https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/

Security researchers at Sonatype have identified a dangerous new supply chain attack called “Shai-Hulud” that has infected over 180 npm packages with self-propagating malware capable of stealing credentials and automatically spreading to additional packages across the JavaScript ecosystem. The campaign represents a significant escalation in supply chain threats: its wormable design lets the malware replicate itself without manual intervention. It follows earlier successful attacks, including the S1ngularity campaign targeting Nx packages and the massive compromise of popular packages such as chalk and debug, which collectively receive billions of weekly downloads.

The Shai-Hulud malware employs a sophisticated multi-stage payload that harvests system information, environment variables, and authentication tokens from npm, GitHub, AWS, and Google Cloud Platform using tools like TruffleHog for comprehensive secret scanning. Once credentials are collected, the malware automatically creates a public GitHub repository named “Shai-Hulud” under the victim’s account containing a JSON file with all harvested tokens and credentials, while simultaneously installing malicious GitHub Actions workflows designed for persistent data exfiltration. The malware’s self-propagation mechanism iterates through repositories accessible to compromised accounts, creates new branches, uploads malicious workflow files, and generates pull requests to merge the infected code into target repositories.
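The two behaviours just described give defenders something concrete to look for: a repository named “Shai-Hulud” appearing under an account, and a single actor adding workflow files to many repositories in a short burst. The detection sketch below is an added example, not code from Sonatype or the Krebs report; the event stream and its field names (`ts`, `actor`, `action`, `repo`, `files`) are a constructed, simplified schema rather than GitHub’s real audit-log format.

```python
"""Added detection sketch: flag a repo created with the worm's hard-coded name,
and flag any actor that adds workflow files across many repos in a short window
(the propagation pattern). Event schema and data below are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

WORKFLOW_PREFIX = ".github/workflows/"

# Constructed sample stream (not real telemetry); workflow file names are made up.
EVENTS = [
    {"ts": "2025-09-16T10:00:00", "actor": "dev-alice", "action": "repo.create",
     "repo": "dev-alice/Shai-Hulud", "files": []},
    {"ts": "2025-09-16T10:00:30", "actor": "dev-alice", "action": "pull_request.open",
     "repo": "org/lib-a", "files": [".github/workflows/exfil.yml"]},
    {"ts": "2025-09-16T10:00:45", "actor": "dev-alice", "action": "pull_request.open",
     "repo": "org/lib-b", "files": [".github/workflows/exfil.yml"]},
    {"ts": "2025-09-16T10:01:10", "actor": "dev-alice", "action": "pull_request.open",
     "repo": "org/lib-c", "files": [".github/workflows/exfil.yml", "README.md"]},
    {"ts": "2025-09-16T11:30:00", "actor": "dev-bob", "action": "pull_request.open",
     "repo": "org/lib-a", "files": [".github/workflows/ci.yml"]},  # benign: one repo
]


def repo_name_hits(events):
    """Repositories created with the worm's hard-coded name (case-insensitive)."""
    return [e["repo"] for e in events
            if e["action"] == "repo.create"
            and e["repo"].rsplit("/", 1)[-1].lower() == "shai-hulud"]


def workflow_fanout(events, window_minutes=30, min_repos=3):
    """Actors that add workflow files to >= min_repos distinct repos within
    window_minutes; a human rarely does this, a propagating worm always does."""
    touched = defaultdict(list)  # actor -> [(timestamp, repo)]
    for e in events:
        if e["action"] in ("pull_request.open", "push") and any(
                f.startswith(WORKFLOW_PREFIX) for f in e["files"]):
            touched[e["actor"]].append((datetime.fromisoformat(e["ts"]), e["repo"]))
    window = timedelta(minutes=window_minutes)
    hits = {}
    for actor, items in touched.items():
        items.sort()  # chronological, so a forward sliding window works
        for i, (start, _) in enumerate(items):
            repos = {repo for ts, repo in items[i:] if ts - start <= window}
            if len(repos) >= min_repos:
                hits[actor] = sorted(repos)
                break
    return hits
```

Against the sample stream, `repo_name_hits` returns the one “Shai-Hulud” repository and `workflow_fanout` flags only `dev-alice`, whose three workflow PRs land within about a minute; the single benign CI change by `dev-bob` is not reported.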

The attack demonstrates the evolution of supply chain threats from isolated incidents to self-replicating campaigns that can spread rapidly across the open source ecosystem without requiring manual distribution by attackers. The malware uses any discovered npm tokens to publish trojaned versions of packages under the victim’s control, creating a cascading infection pattern that expands the attack surface exponentially. Sonatype’s analysis confirms this represents one of the most severe wormable malware infections to target open source software, with the persistent nature of the campaign indicating threat actors are continuously refining their methods and adapting to defensive measures. The attack affects packages from major organizations and individual developers, with compromised tokens potentially providing attackers access to cloud services, package registries, and private repositories across hundreds of projects and organizations worldwide.