
Shai-Hulud 2.0 npm Supply Chain Attack Compromises Trust Wallet and Cloud Credentials

Tags: package-repository-poisoning, credential-stealer-activity, cryptocurrency-platform-risk, build-pipeline-compromise, phishing-campaign-intelligence
Updated March 21, 2026 at 02:59 PM (4 sources)


A sophisticated supply chain attack, dubbed Shai-Hulud 2.0, targeted the npm JavaScript ecosystem by compromising maintainer accounts of widely used packages. Attackers injected malicious scripts into the preinstall phase of these packages, enabling the theft of credentials from developer environments, CI/CD pipelines, and cloud-connected workloads. The campaign led to the compromise of over 25,000 GitHub repositories and the exposure of hundreds of cloud credentials, affecting major organizations such as Zapier, PostHog, Postman, and Trust Wallet. Blockchain forensics confirmed that secrets stolen in this campaign were used to drain digital wallets, resulting in a confirmed $8.5 million theft from Trust Wallet. The attack's automation and worm-like propagation highlighted the urgent need for improved supply chain security and credential hygiene in cloud-native environments.

Security researchers have identified new variants of the Shai-Hulud malware, indicating ongoing development and testing by threat actors. The campaign's technical sophistication included phishing tactics to capture npm maintainer credentials and modifications to payloads for improved evasion and error handling. While the most significant financial impact was observed in the Trust Wallet breach, the broader campaign demonstrated the potential for widespread compromise across the open-source software supply chain. Multiple security vendors have independently verified the attack chain, emphasizing the critical risks posed by supply chain attacks in modern software development.

Timeline

  1. Dec 31, 2025

    Trust Wallet discloses $8.5 million theft and starts reimbursements

    Trust Wallet publicly disclosed that the Shai-Hulud-linked Chrome extension compromise affected about one million users and resulted in roughly $8.5 million in losses. The company said it had added security controls and begun reviewing reimbursement claims for affected users.

  2. Dec 29, 2025

    Researchers identify a new Shai-Hulud variant in testing

    Aikido researchers discovered a new Shai-Hulud malware variant targeting npm, with changes to the initial file, main payload, and improved error handling for TruffleHog. They found no evidence of widespread infection or propagation and noted no new linked packages or repositories since December 10, 2025.

  3. Dec 25, 2025

    Wallet-draining activity begins after malicious Trust Wallet update

    The first wallet-draining activity was reported the day after the malicious extension update, with attackers ultimately draining about 2,520 wallet addresses to 17 attacker-controlled addresses. The theft totaled approximately $8.5 million in cryptocurrency assets.

  4. Dec 24, 2025

    Attackers push trojanized Trust Wallet Chrome extension update

    Using stolen access, attackers uploaded a malicious Trust Wallet Chrome extension update to the Chrome Web Store on Christmas Eve. The update was designed to harvest users' wallet mnemonic phrases and facilitate cryptocurrency theft.

  5. Dec 10, 2025

    Shai-Hulud 2.0 scales to over 700 npm packages and 25,000 repositories

    Researchers and vendors reported that Shai-Hulud 2.0 automated worm-like propagation across the npm ecosystem, compromising more than 700 npm packages and over 25,000 GitHub repositories. Microsoft and Wiz characterized it as one of the most severe supply-chain attacks affecting the JavaScript and cloud-native ecosystem.

  6. Nov 1, 2025

    Trust Wallet says Shai-Hulud attack compromised its Chrome extension

    Trust Wallet disclosed that the broader Shai-Hulud supply-chain attack in November 2025 led to the compromise of its Google Chrome extension source code and Chrome Web Store API key through leaked GitHub secrets. The intrusion enabled attackers to prepare and distribute a trojanized browser extension.

  7. Nov 1, 2025

    Shai-Hulud campaign compromises maintainer accounts in npm ecosystem

    Attackers began a supply-chain campaign by compromising npm package maintainer accounts, often via phishing, and injecting malicious preinstall scripts to harvest credentials and enable persistence. The activity ultimately affected hundreds of packages and thousands of repositories across the JavaScript and cloud-native ecosystem.


Related Stories

Shai-Hulud Worm and Related Malicious NPM Package Attacks Targeting Software Supply Chains

A large-scale supply chain attack has targeted the Node Package Manager (NPM) ecosystem, compromising hundreds of widely used JavaScript packages and threatening the security of software development pipelines globally. In mid-September, cybersecurity researchers identified a self-propagating malware dubbed "Shai-Hulud," which was distributed through trojanized NPM packages, including some with millions of weekly downloads and high-profile packages such as those from CrowdStrike. The attack leveraged a malicious "bundle.js" script that downloaded and executed TruffleHog, a legitimate credential scanner, to harvest developer and CI/CD tokens, cloud service credentials, and environment variables from compromised systems. The stolen credentials were exfiltrated via hard-coded webhooks and GitHub Actions workflows, enabling the attacker to further propagate the malware and gain unauthorized access to sensitive resources. The campaign affected both Windows and Linux systems, increasing its reach and impact across diverse development environments. Sysdig reported that the attack on September 15 involved approximately 200 compromised packages, including @ctrl/tinycolor, and was linked to an attacker who had previously targeted Nx packages in late August. The worm not only stole secrets but also published them publicly on GitHub and attempted to make victim repositories public, amplifying the risk of further compromise. Earlier in the month, other popular packages such as chalk, debug, and duck were also compromised following a successful spear phishing attack against a maintainer, with the attacker seeking to redirect cryptocurrency payments. NPM responded by removing the malicious package versions, but users were required to update or revert to secure versions to mitigate the risk. Sysdig provided same-day threat intelligence and detection capabilities to its customers, including open source Falco rules to identify and respond to the threat. 
The attack demonstrated the vulnerability of even the most trusted and widely used open source packages, highlighting the importance of continuous monitoring and rapid response in the software supply chain. Security researchers and vendors emphasized the need for organizations to scan their environments for known malicious packages, such as dist.fezbox.cjs, and to review logs for signs of credential exfiltration. The incident underscored the evolving tactics of threat actors targeting developer ecosystems, using advanced techniques to automate propagation and maximize impact. Organizations relying on NPM packages and CI/CD pipelines were urged to remain vigilant, update dependencies promptly, and leverage threat intelligence resources to defend against similar attacks. The Shai-Hulud campaign remains an evolving threat, with ongoing analysis and mitigation efforts by the security community. This incident serves as a stark reminder that popularity and trust in open source packages do not guarantee safety, and proactive security measures are essential to protect software supply chains from compromise.

1 month ago

Shai-Hulud Malware Supply Chain Attack on NPM Packages Targeting Zapier and ENS Domains

A new variant of the Shai-Hulud malware, dubbed "Sha1-Hulud: The Second Coming," has compromised over 70 npm packages, including those associated with Zapier and ENS Domains. The attack involves malicious code that steals developer credentials and publicly exposes them by creating thousands of GitHub repositories labeled with the campaign's name. This incident represents a significant escalation in supply chain attacks within the JavaScript ecosystem, with the malware demonstrating advanced self-propagation capabilities and surpassing the impact of previous Shai-Hulud campaigns within hours of detection. Security researchers have urged immediate action for developers and organizations using npm packages, recommending checks for compromised package versions, auditing of GitHub accounts for unauthorized repositories, and remediation steps such as removing affected `node_modules` directories and clearing npm caches. The attack highlights the ongoing risks posed by supply chain threats in open-source ecosystems and the need for vigilant monitoring and rapid response to emerging malware campaigns.

Today

Shai-Hulud Infostealer Supply Chain Attack on npm Ecosystem

A major supply chain attack targeted the npm ecosystem in September 2025, where an infostealer with worm-like characteristics, dubbed **Shai-Hulud**, compromised over 500 npm packages. The attack leveraged a previous compromise of the `s1ngularity/nx` project, exploiting CI/CD pipeline credentials and propagating through both direct and indirect dependencies. Security researchers confirmed that attackers exfiltrated GitHub and npm tokens, enabling them to inject malicious code into widely used packages and potentially access internal networks, move laterally, or tamper with software releases. The incident highlighted the persistent risks associated with CI/CD pipeline security, as attackers exploited overlooked access to secrets such as API keys and deployment tokens. The scale of the attack forced engineering and security teams worldwide to spend significant resources cleaning compromised environments and assessing exposure, even though the direct financial impact was limited. The event underscored the need for enhanced runtime security monitoring, such as eBPF-based sensors, and stricter controls on package publishing and consumption to defend against similar threats in the future.

1 month ago