Shai-Hulud

supply-chain 2026-06-04
IronWorm: A Rust-Built npm Worm With an eBPF Rootkit and Tor C2
JFrog dissected IronWorm, a self-replicating npm supply-chain worm written in Rust that hides behind an eBPF kernel rootkit, beacons over Tor, and steals 86 env vars and 20+ credential files. 36 packages hit before it was caught.
supply-chain npm rust ebpf rootkit tor web3 shai-hulud
supply-chain 2026-06-01
Red Hat Cloud Services npm Packages Hijacked in 'Miasma' Shai-Hulud Worm
A Mini Shai-Hulud wave dubbed 'Miasma' poisoned ~30 @redhat-cloud-services npm packages on June 1 via a compromised CI/CD pipeline, dropping a Bun-based credential stealer with a destructive dead-man switch.
supply-chain npm shai-hulud miasma red-hat teampcp credential-theft ci-cd bun github-actions kubernetes
supply-chain 2026-05-12
Mini Shai-Hulud Wave 4: TanStack, Mistral AI, UiPath Hit by First-Ever SLSA-Attested Malicious npm Packages (CVE-2026-45321)
TeamPCP's fourth Mini Shai-Hulud wave compromised 42 TanStack packages, the Mistral AI SDK, UiPath, OpenSearch, and Guardrails AI by stealing OIDC tokens out of a GitHub Actions runner's process memory — and shipped malicious versions with valid SLSA Build Level 3 provenance attestations.
supply-chain npm pypi github-actions oidc slsa provenance teampcp shai-hulud tanstack mistral-ai ci-cd
2026-05-10
Worms All the Way Down: Why npm and PyPI Will Keep Spawning Self-Propagating Compromises Until We Re-Architect Install-Time Trust
From the original Shai-Hulud in September 2025 through CanisterSprawl, the Bitwarden CLI compromise, and Mini Shai-Hulud, every major npm/PyPI worm of the last eight months has used the same primitive: package lifecycle hooks that run arbitrary code on install. Until the registries change that default, each generation will keep landing.
supply-chain npm pypi shai-hulud teampcp worm ci-cd package-manager install-time-execution
supply-chain 2026-05-01
Mini Shai-Hulud: SAP, Intercom, and PyTorch Lightning Hit by Bun-Based Stealer in 48-Hour TeamPCP Cascade
TeamPCP's Mini Shai-Hulud campaign poisoned SAP CAP, Intercom, and PyTorch Lightning packages on April 29-30 with a Bun-runtime credential stealer that scrapes secrets directly from CI runner memory.
supply-chain npm pypi teampcp shai-hulud sap intercom pytorch-lightning bun credential-theft ci-cd
supply-chain 2026-04-24
@bitwarden/cli 2026.4.0 Backdoored in 93-Minute npm Window — 'Shai-Hulud: The Third Coming' Worm Hijacks Developer Credentials
A trojanized @bitwarden/[email protected] sat live on npm for 93 minutes on April 22, exfiltrating GitHub/npm tokens, SSH keys, cloud creds, and crypto wallet keys — and self-propagating through victims' own npm packages. The pivot came from the ongoing Checkmarx/TeamPCP campaign.
supply-chain npm bitwarden checkmarx shai-hulud worm ci-cd teampcp

Shai-Hulud

IronWorm: A Rust-Built npm Worm With an eBPF Rootkit and Tor C2

Red Hat Cloud Services npm Packages Hijacked in 'Miasma' Shai-Hulud Worm

Mini Shai-Hulud Wave 4: TanStack, Mistral AI, UiPath Hit by First-Ever SLSA-Attested Malicious npm Packages (CVE-2026-45321)

Worms All the Way Down: Why npm and PyPI Will Keep Spawning Self-Propagating Compromises Until We Re-Architect Install-Time Trust

Mini Shai-Hulud: SAP, Intercom, and PyTorch Lightning Hit by Bun-Based Stealer in 48-Hour TeamPCP Cascade

@bitwarden/cli 2026.4.0 Backdoored in 93-Minute npm Window — 'Shai-Hulud: The Third Coming' Worm Hijacks Developer Credentials