
Shai-Hulud 2.0 Rampage: 800+ NPM Packages Trojanized, 25,000+ GitHub Repos Infected In Supply Chain Onslaught

Developers woke to alarms on November 24, 2025, as Shai-Hulud malware resurfaced in a bolder attack.

This “Second Coming” affected over 800 npm packages from firms such as Zapier, ENS Domains, AsyncAPI, PostHog, and Postman.

It exposed secrets from 25,000+ GitHub repositories, timed to coincide with npm’s classic token revocation on December 9.

Attack Mechanics and Spread

Shai-Hulud acts as a self-spreading worm, inspired by Dune’s sandworms. It slips into the post-install scripts of trojanized packages.

On execution, setup_bun.js checks for the Bun runtime; if it is missing, it downloads and installs Bun via the official install scripts (curl on Unix, PowerShell on Windows).

It then reloads PATH, scans shell profiles such as .bashrc, and runs the core payload, bun_environment.js.

The malware hunts credentials using TruffleHog, scanning for API keys, tokens, and secrets.

It creates random GitHub repos tagged “Sha1-Hulud: The Second Coming” and publicly dumps the findings.

Attackers push up to 100 new malicious packages per victim, versus 20 in September’s first wave. If the worm fails to authenticate, it wipes the user’s home directory.

Shai-Hulud Ravages NPM Ecosystem

Patient zero hit at 3:16 AM GMT: go-template and 36 AsyncAPI packages, spreading to PostHog by 4:11 AM and Postman by 5:09 AM.

Affected scopes total 132 million monthly downloads, including @posthog/cli, @ensdomains/ensjs, and @postman/postman-collection-fork.

Community errors amplified the spread, though some packages bundled only staging code, missing the whole worm, which limited the damage.

Impact and Urgent Fixes

The assault hit high-profile projects: AsyncAPI’s CLI branch deployed malware; ENS, Zapier, and others leaked build secrets.

Firms responded quickly: PostHog and Postman posted status updates and rotated keys. GitLab flagged widespread npm risks; Wiz tallied 25,000+ exposed repos across 500 users.

Teams face credential theft in CI/CD pipelines, enabling further breaches. Quick audits reveal infections via suspicious repos or downloads.

Defend now:

  • Scan dependencies for Shai-Hulud indicators; revoke npm/GitHub tokens.
  • Rotate all secrets; turn off postinstall scripts in CI.
  • Pin versions, enforce MFA, and use tools like Aikido’s Safe-Chain.
  • Hunt “Sha1-Hulud: The Second Coming” repos; migrate to trusted publishing.

This wave underscores npm’s fragility amid token deadlines. Developers must harden habits to starve future worms.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.
