Cyber attackers compromised Zapier’s NPM account in late November 2025, infecting multiple packages as part of the Shai-Hulud 2.0 malware campaign, dubbed “The Second Coming” by the threat actors.
This self-replicating worm spread rapidly across the NPM ecosystem, targeting developer machines and CI/CD pipelines to steal secrets, including API keys and tokens.
The attack began around 3:16 AM GMT on November 24, exploiting unpatched GitHub Actions workflows in projects like AsyncAPI, which served as patient zero.
Packages from PostHog and Postman followed shortly after, with Zapier scopes hit next.
Shai-Hulud hides in NPM package preinstall or postinstall scripts, running before the full installation completes.
The payload first checks for Bun, a fast JavaScript runtime; if it’s absent, it downloads and installs it via platform-specific commands, such as curl on Unix or PowerShell on Windows.
Once Bun runs, the core script (often named bun_environment.js) scans the victim’s environment using tools similar to TruffleHog for sensitive data, including NPM tokens, GitHub PATs, SSH keys, and cloud credentials from AWS, Azure, or GCP.
Stolen secrets are stored in JSON files and uploaded to new public GitHub repositories with descriptions like “Sha1-Hulud: The Second Coming,” now numbering over 26,000.
This wave differs from September’s first attack: it targets up to 100 packages per victim (vs. 20), uses random repo names, relies on Bun for stealth, and wipes the user’s home directory if authentication fails, a destructive “dead man’s switch.”
Over 492 NPM packages across Zapier, ENS Domains, AsyncAPI, PostHog, Postman, and others amassed 132 million monthly downloads before takedown. High-impact examples include:

| Company | Key Compromised Packages |
|---|---|
| Zapier | @zapier/zapier-sdk, zapier-platform-core |
| PostHog | posthog-node, @posthog/plugin-server |
| Postman | @postman/tunnel-agent, postman-node |
| AsyncAPI | @asyncapi/cli, @asyncapi/generator |
| ENS | @ensdomains/ensjs, ethereum-ens |

PostHog, Postman, and AsyncAPI quickly posted incident reports, revoked tokens, and urged credential rotation.
Security teams should audit dependencies for recently published versions, clear NPM caches, rotate all secrets, scan GitHub for suspicious repos, disable install scripts in CI/CD, pin package versions, enforce MFA, and use SCA tools to block fresh malicious uploads.