The incident involves a self-replicating worm, publicly referred to as “Shai-Hulud”, which has infected more than 500 npm packages, with an even broader impact in a second wave (Shai-Hulud 2.0) that delivered a different payload.
After gaining initial access, the threat actor deployed malware designed to scan affected environments for sensitive credentials and exfiltrate them. The second version included a destructive payload capable of deleting the user’s home directory.
The threat actor specifically targeted GitHub Personal Access Tokens (PATs), API keys for major cloud service providers (including Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure), as well as credentials related to software distribution channels.
Detection
- Review all the npm packages installed by inspecting package-lock.json, yarn.lock and similar lockfiles. Don’t forget to search recursively.
- A list of compromised packages is available at https://github.com/wiz-sec-public/wiz-research-iocs/blob/main/reports/shai-hulud-2-packages.csv.
- Be careful with cached versions in directories (e.g. package manager caches), which could still contain malicious packages.
- Check for the hashes of the malware samples listed below.
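The two detection steps above (recursively locating lockfiles and comparing pinned packages against a compromised-package list, then hashing files against the malware sample hashes) can be automated. The script below is an added example, not CIRCL tooling: it parses package-lock.json (lockfileVersion 1, 2 and 3) and yarn.lock (classic v1 format, with best-effort handling of the newer "version:" syntax), walks a directory tree, and reports matches. The compromised-package entries in SAMPLE_COMPROMISED are constructed placeholders; in practice, load the real list linked above and map each row to the same "name@version" form. The SHA-256 set is taken from the Malware Sample section of this advisory.

```python
"""Scan a directory tree for npm lockfiles pinning compromised packages and for
files whose SHA-256 matches known malware samples. Added example, not CIRCL code."""
import hashlib
import json
from pathlib import Path

# SHA-256 hashes of the malware samples listed in this advisory.
MALWARE_SHA256 = {
    "62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0",
    "f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068",
    "a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a",
}

# Constructed placeholder entries ("name@version"); replace with the real list.
SAMPLE_COMPROMISED = {"example-compromised-pkg@1.2.3", "@example/also-bad@0.4.1"}


def parse_package_lock(text):
    """Return a set of (name, version) from lockfileVersion 1, 2 or 3 package-lock.json."""
    data = json.loads(text)
    found = set()
    # v2/v3: flat "packages" map keyed by install path (root is the "" key).
    for path, meta in data.get("packages", {}).items():
        if not path or "node_modules/" not in path or "version" not in meta:
            continue
        name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
        found.add((name, meta["version"]))

    # v1 (and the legacy "dependencies" block that v2 still carries): nested tree.
    def walk(deps):
        for name, meta in deps.items():
            if "version" in meta:
                found.add((name, meta["version"]))
            walk(meta.get("dependencies", {}))

    walk(data.get("dependencies", {}))
    return found


def parse_yarn_lock(text):
    """Return a set of (name, version) from a yarn.lock (v1 text format; the
    'name@npm:range' / 'version: x' lines of newer yarn are handled best-effort)."""
    found = set()
    current_names = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        stripped = line.strip()
        if not line[0].isspace() and stripped.endswith(":"):
            # Header: one or more quoted specs like "@scope/pkg@^1.0.0", separated by commas.
            specs = [s.strip().strip('"') for s in stripped[:-1].split(",")]
            # The package name is everything before the last '@' (skip a leading scope '@').
            current_names = [s[: s.rindex("@", 1)] if "@" in s[1:] else s
                             for s in specs if not s.startswith("__")]
        else:
            key, _, value = stripped.partition(" ")
            if key in ("version", "version:") and current_names:
                version = value.strip().strip('"')
                for name in current_names:
                    found.add((name, version))
    return found


LOCKFILE_PARSERS = {
    "package-lock.json": parse_package_lock,
    "npm-shrinkwrap.json": parse_package_lock,
    "yarn.lock": parse_yarn_lock,
}


def scan_lockfiles(root, compromised):
    """Recursively parse every lockfile under root; return matching packages as dicts."""
    hits = []
    for path in Path(root).rglob("*"):
        parser = LOCKFILE_PARSERS.get(path.name)
        if parser is None or not path.is_file():
            continue
        try:
            pinned = parser(path.read_text(encoding="utf-8"))
        except (ValueError, UnicodeDecodeError) as exc:  # JSONDecodeError is a ValueError
            hits.append({"file": str(path), "error": str(exc)})
            continue
        for name, version in sorted(pinned):
            if f"{name}@{version}" in compromised:
                hits.append({"file": str(path), "package": name, "version": version})
    return hits


def scan_hashes(root, hashes=MALWARE_SHA256, max_bytes=50_000_000):
    """Hash every regular file under root (up to max_bytes) and report known samples."""
    matches = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.stat().st_size > max_bytes:
            continue
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                digest.update(chunk)
        if digest.hexdigest() in hashes:
            matches.append({"file": str(path), "sha256": digest.hexdigest()})
    return matches


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for hit in scan_lockfiles(target, SAMPLE_COMPROMISED) + scan_hashes(target):
        print(hit)
```

Run it against a source checkout or a build agent's workspace; because it walks the whole tree it also covers nested node_modules and vendored copies that a top-level lockfile review would miss. Package-manager caches live outside the project tree, so point it at those directories separately.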
Remediation
- Immediately rotate all developer credentials and API keys.
- Ensure MFA is enabled for all developers having access to repositories and systems used for software deployment.
- Review access logs and check whether CI pipelines have been modified.
Malware Sample
- 62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0
- f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068
- a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a
Network Indicator
- http[:]//bun[.]sh/install[.]ps1
Known affected software in Luxembourg
We received notifications about affected users and GitHub repositories. To date, the impact has been minor, affecting only a limited number of organisations in Luxembourg. We are actively monitoring the situation.
References
- Datadog The Shai-Hulud 2.0 npm worm: analysis, and what you need to know
- StepSecurity Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages
- Unit42 “Shai-Hulud” Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26)
- CISA Widespread Supply Chain Compromise Impacting npm Ecosystem
- GitLab GitLab discovers widespread npm supply chain attack
- WIZ https://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attack
- CIRCL Malicious Packages on vulnerability-lookup
- CSSF Supply-chain attack using NPM packages
Classification of this document
TLP:CLEAR information may be distributed without restriction, subject to copyright controls.
Revision
- Version 1.0 - TLP:CLEAR - First version - 28th November 2025