LmCast :: Stay tuned in

Infamous Shai-hulud Worm Resurfaces From the Depths

Recorded: Nov. 25, 2025, 2:02 a.m.

Original

This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said.

Alexander Culafi, Senior News Writer, Dark Reading
November 24, 2025 | 4 Min Read

The Shai-hulud self-replicating worm, which targets open source repositories, has reemerged with a new, more dangerous variant.

Shai-hulud first emerged in September as self-replicating malware that spread across NPM packages. In this iteration, the malware took stolen developer accounts (particularly NPM), republished poisoned versions of the software components these accounts maintain, and then infected downstream users that download the poisoned packages. The malware stole credentials and other sensitive information, and when these credentials included NPM accounts with access to open source projects, the cycle could repeat.

The September campaign, which impacted hundreds of repositories, was one of a still-growing list of self-replicating malware families. In tandem, threat actors compromised the NPM account of prolific developer Qix and published poisoned versions of 18 open source software packages, accounting for more than 2 billion weekly downloads. Thankfully, that latter campaign was shut down fairly quickly. As for Shai-hulud, however, that campaign was only ramping up.

A new iteration of the malware has affected more than 25,000 repositories across hundreds of users, and the worm seems even more dangerous than before. Poisoned packages began popping up late last week, and although GitHub continues to take action and remove malicious components, the campaign is considered ongoing.
'Punitive Sabotage'

Wiz today published research detailing the new worm, which it said has compromised a number of popular packages from developers including ENS Domains, PostHog, Postman, and Zapier. According to researchers at the cloud security firm, "The campaign introduces a new variant that executes malicious code during the preinstall phase, significantly increasing potential exposure in build and runtime environments."

Similarly, Wiz said, this wave of attacks uses compromised maintainer accounts to publish poisoned packages that steal credentials and exfiltrate data during installation. Likewise, a wide range of credentials is targeted, including GitHub, Azure, AWS, and GCP in addition to NPM.

One aspect where this particular supply chain campaign differs, as Koi Security noted in its blog post, is a new destructive element. If this new variant, which is tracked as "Sha1-hulud," can't steal tokens or credentials, or secure an exfiltration channel, "it attempts to destroy the victim's entire home directory."

"Specifically, the malware deletes every writable file owned by the current user under their home folder," Koi's blog post noted.
"This marks a significant escalation from the first wave, shifting the actor's tactics from purely data-theft to punitive sabotage."

Merav Bar, threat researcher at Wiz, tells Dark Reading that while developer credentials are still a clear goal, aspects of the new variant's processes, such as its destructive fallback and new persistence mechanisms, suggest "the actor is after broader access and long-term footholds, not just quick credential theft."

For organizations, Koi recommends scanning across all endpoints for indicators of compromise (IOCs), removing compromised software versions immediately, possibly freezing updates until the full scope of the campaign is understood, performing a complete credential rotation, and auditing repositories for persistence mechanisms.

Christopher Robinson, chief security architect of the OpenSSF, recommends to Dark Reading that developers implement multifactor authentication (MFA) on all accounts and start signing artifacts in software to verify code is coming from trusted sources.

Shai-hulud: A Wider Picture

This new variant of Shai-hulud suggests that self-replicating malware is here to stay. Idan Dardikman, co-founder and chief technology officer (CTO) at Koi Security, says that in order to address the issues posed by the worm, three things need to change. First, organizations need to monitor their developer endpoints, as few of them do. Second, developers should have control over NPM lifecycle scripts (as "NPM allows arbitrary code execution during install"). And third, Dardikman explains, NPM should have better token handling.

"Long-lived tokens stored in plaintext on disk make these attacks far more damaging. We need short-lived, scoped tokens and safer credential storage," Dardikman says.
"NPM has already begun taking steps in this direction."

Speaking to the larger issue of open source security, Wiz's Bar explains that supply chain attacks like Shai-hulud are becoming ecosystem-wide threats rather than isolated incidents.

"Addressing that requires a shift in mindset: treat the supply chain as critical infrastructure and build in guardrails at every layer," Bar says. "This means stronger security around maintainers and publishing, CI/CD environments that assume untrusted dependencies, and ecosystem-wide detection that can surface abnormal package behavior fast. As these attacks get faster and more automated, defenders need to meet them with systems designed to contain compromise quickly and limit blast radius by default, not react after the fact."

About the Author

Alexander Culafi, Senior News Writer, Dark Reading

Alex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels.

Summarized

The resurgence of the Shai-hulud worm, a sophisticated self-replicating malware, represents a significant escalation in the threat landscape, particularly targeting open-source software repositories. As detailed by Dark Reading and Alex Culafi, the worm’s latest iteration, tracked as “Sha1-hulud,” introduces a novel destructive element: the ability to erase a victim’s entire home directory if the malware fails to steal credentials or establish an exfiltration channel. This marks a shift in the attacker’s tactics, moving beyond simple data theft to a more punitive and disruptive approach.

Initially, the Shai-hulud worm spread across hundreds of NPM packages, exploiting compromised developer accounts to republish poisoned versions of software components. The worm’s initial campaign, impacting over 25,000 repositories, highlighted the vulnerability of the NPM ecosystem. The worm’s ability to steal credentials, including access to GitHub, Azure, AWS, and GCP, expanded its potential reach.

The latest variant’s destructive capability, combined with its ability to target a broad range of credentials, indicates a broader intention on the part of the attackers – seeking wider access and establishing long-term footholds rather than merely quick credential theft. This change in strategy is supported by threat researchers like Merav Bar at Wiz, who emphasizes the need for a shift in mindset, treating the supply chain as critical infrastructure and implementing guardrails at every layer.

Several key weaknesses were identified by Dark Reading and the security experts it quotes. These include long-lived tokens stored in plaintext on disk, which significantly amplifies the damage caused by the malware. Moreover, the worm relies on NPM lifecycle scripts (in this variant, the preinstall hook) to run arbitrary code during package installation, a fundamental weakness in the NPM ecosystem.

Mitigation strategies, as proposed by sources like Koi Security and the OpenSSF, center on proactive measures. These include comprehensive endpoint scanning for indicators of compromise (IOCs), immediate removal of compromised software versions, potential freezing of updates until the scope of the campaign is fully understood, and a complete credential rotation. Christopher Robinson, chief security architect of the OpenSSF, strongly advocates for multi-factor authentication (MFA) on all accounts and the implementation of artifact signing to verify the authenticity of software sources.

The crisis has spurred discussions about the broader vulnerabilities within the open-source software supply chain. Idan Dardikman, co-founder and CTO of Koi Security, notes that the current situation requires a fundamental change in approach, prompting a greater focus on monitoring developer endpoints, attaining control over NPM lifecycle scripts, and addressing insecure token handling. Moreover, the ecosystem-wide nature of the threat underscores the need for stronger security around maintainers, publishing practices, and CI/CD environments, alongside wider detection mechanisms.

Ultimately, the Shai-hulud resurgence paints a picture of an increasingly sophisticated and adaptive threat landscape. The attackers are not simply exploiting known vulnerabilities; they are actively evolving their tactics and seeking new ways to infiltrate and disrupt systems, demanding a more proactive and layered security strategy from developers, organizations, and the open-source community as a whole.