¶Code of Shai Hulud 2.0: The Supply Chain Worm That Compromised 25,000+ Repos in 48 Hours

• Video Breakdown
• What Happened
• What Shai Hulud 2.0 Does
• Why This Keeps Happening
  • Npm Does Too Much
  • CI/CD Blindspots
• How to Protect Your Organisation
• References

¶Video Breakdown

¶What Happened

Over 25,000 GitHub repositories were compromised in just 48 hours by a sophisticated worm called Shai Hulud 2.0 that tore through the npm ecosystem. This isn't your typical malware — it's a self-propagating supply chain attack that exploits the trust developers place in their package managers and CI/CD pipelines.

If only I had a euro for every time an npm package was compromised...

¶What Shai Hulud 2.0 Does

The worm carries out a multi-stage attack:

• Hijacks npm packages to steal AWS, GCP, and Azure credentials from your environment
• Publishes stolen secrets to public GitHub repositories, exposing them to anyone
• Deletes the user's $HOME directory — a destructive payload that wipes your local environment
• Creates a self-hosted GitHub Actions runner on your machine, giving the attacker remote command execution
• Self-propagates by republishing infected versions of YOUR packages, spreading the worm to all your downstream consumers

¶Why This Keeps Happening

¶Npm Does Too Much

Npm tries to be a do-it-all Swiss knife. It handles package installation, script execution, lifecycle hooks, and more. This violates the Unix philosophy of "do one thing well" and creates a massive attack surface. Lifecycle scripts like preinstall and postinstall can execute arbitrary code the moment you run npm install — before you've even looked at what you've downloaded.

¶CI/CD Blindspots

If someone has access to your CI/CD pipeline, they have access to the secrets in it. In many setups, a pull request alone can trigger pipeline execution with access to environment variables containing cloud credentials, API keys, and deployment tokens. The blast radius of a single compromised dependency becomes enormous when it runs inside your CI/CD.

¶How to Protect Your Organisation

Layer up: Use a package registry proxy (like Artifactory or Nexus) to enforce policies on what packages can be installed. Don't let developers pull directly from the public npm registry in production pipelines.

Wait it out: Block packages that are only a few days old or have low download counts. Most malicious packages are caught and removed within days of publication. A short quarantine period dramatically reduces your exposure.

Analyse: Monitor what's being used across your organisation. Know your dependency tree. Tools like npm audit, Snyk, or Socket can flag suspicious packages before they cause damage.

Harden CI/CD: Reduce secrets usage in your pipelines. Use short-lived credentials, scope them to the minimum required permissions, and run builds in isolated environments. Never expose secrets to steps that process untrusted code.

¶References

• DataDog Security Research on Shai Hulud 2.0
• TrendMicro Analysis