Shai-Hulud npm Supply Chain Attack: What You Need to Know
In September 2025, the open-source ecosystem experienced a significant threat: the Shai-Hulud npm supply chain attack. Malicious packages were published on npm, harvesting developer credentials and spreading rapidly across projects. Within 48 hours, over 180 packages were compromised. This campaign highlighted the vulnerabilities in open-source supply chains and the risks organizations face when attackers exploit trusted developer pipelines.
Key Details
- Start of attack: First malicious npm packages appeared on 14 September 2025.
- Rapid escalation: By 15 September 2025, packages such as ngx-bootstrap, ng2-file-upload, and @ctrl/tinycolor had been compromised.
- Scope: On 16 September 2025, over 180 packages were confirmed compromised, spreading across popular namespaces like @ctrl, @nativescript-community, and even CrowdStrike’s namespace.
- Method: The worm used stolen npm and GitHub tokens to automatically publish new malicious versions.
- Impact: Harvested secrets included npm credentials, GitHub tokens, Atlassian keys, and cloud environment variables. Some private repositories were force-migrated to public.
- Severity: Classified as High due to self-propagation, global reach, and large-scale credential theft.

10 Key Questions and Answers
1. What is the Shai-Hulud attack?
A supply chain compromise where npm packages were injected with malware designed to steal credentials and self-propagate.
2. How did it spread?
The malware scanned environments for tokens and reused them to publish malicious versions of accessible npm packages.
3. When did it happen?
Between 14 and 16 September 2025: initial detection occurred on 14 September 2025, and the attack had fully spread by 16 September 2025.
4. Which packages were affected?
Namespaces included @ctrl, @nativescript-community, ngx-bootstrap, and CrowdStrike-related packages.
5. What data was targeted?
Stolen secrets included npm tokens, GitHub tokens, API keys, cloud credentials, and environment variables.
6. Who was affected?
The campaign was global and impacted all sectors, as npm is widely used across industries.
7. Was it linked to known groups?
No specific APT or ransomware group has been attributed so far.
8. Which MITRE ATT&CK techniques apply?
- T1195 Supply Chain Compromise
- T1528 Steal Application Access Token
- T1566 Phishing (possible initial access)
- T1041 Exfiltration Over C2 Channel

9. How severe is the attack?
High severity due to its worm-like behavior and exposure of sensitive developer assets.
10. What mitigations are advised?
- Pull packages from internal, verified repositories
- Rotate all tokens and API keys
- Use vulnerability scanning and code review tools
- Apply least privilege to developer accounts
- Monitor GitHub Actions and audit logs for anomalies
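As an added example (not part of the SOCRadar advisory), the script below audits a project's package-lock.json for the packages and scopes named above and for any dependency not resolved from the organization's internal registry. The WATCHLIST entries come from this page; INTERNAL_REGISTRY is an assumed placeholder hostname, and the sample lockfile is constructed.

```javascript
// Added example, not from the advisory: audit a package-lock.json (lockfileVersion 2 or 3)
// for the packages and scopes this advisory names, and for anything resolved from a
// registry other than the internal, verified one.
// Run: node audit-lock.js [package-lock.json]; with no argument it audits SAMPLE_LOCK below.

// Names and scopes taken from the advisory. The advisory lists no version numbers, so
// matching is by name only; extend this list from your vendor's current IoC feed.
const WATCHLIST = ['@ctrl/', '@nativescript-community/', 'ngx-bootstrap', 'ng2-file-upload'];
// Assumption: the organization's internal, verified registry (placeholder hostname).
const INTERNAL_REGISTRY = 'https://npm.internal.example/';

function auditLockfile(lockJson, watchlist = WATCHLIST, internalRegistry = INTERNAL_REGISTRY) {
  const lock = JSON.parse(lockJson);
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // the root project entry, not a dependency
    // 'node_modules/a/node_modules/@scope/b' -> '@scope/b'
    const name = path.split('node_modules/').pop();
    const watched = watchlist.some((w) => (w.endsWith('/') ? name.startsWith(w) : name === w));
    // Bundled or linked entries carry no "resolved"; only judge real tarball URLs.
    const external = typeof meta.resolved === 'string' && !meta.resolved.startsWith(internalRegistry);
    if (watched || external) {
      findings.push({ name, version: meta.version, resolved: meta.resolved, watched, external });
    }
  }
  return findings;
}

// Constructed sample lockfile; versions and URLs are illustrative, not real IoCs.
const SAMPLE_LOCK = JSON.stringify({
  name: 'demo-app', lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/@ctrl/tinycolor': { version: '0.0.0-sample', resolved: 'https://registry.npmjs.org/@ctrl/tinycolor/-/tinycolor-0.0.0-sample.tgz' },
    'node_modules/lodash': { version: '4.17.21', resolved: 'https://npm.internal.example/lodash/-/lodash-4.17.21.tgz' },
    'node_modules/ngx-bootstrap': { version: '0.0.0-sample', resolved: 'https://npm.internal.example/ngx-bootstrap/-/ngx-bootstrap-0.0.0-sample.tgz' },
  },
});

const lockPath = process.argv[2];
const source = lockPath && lockPath.endsWith('.json') ? require('node:fs').readFileSync(lockPath, 'utf8') : SAMPLE_LOCK;
for (const f of auditLockfile(source)) {
  const why = [f.watched && 'named in advisory', f.external && 'not from internal registry'].filter(Boolean).join('; ');
  console.log(`${f.name}@${f.version}: ${why}`);
}
```

A hit on "named in advisory" means the package needs a version check against a current IoC list, while "not from internal registry" points at a build that bypassed the verified repository.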

Conclusion and Lessons Learned
The Shai-Hulud campaign revealed the risks of supply chain attacks in open-source ecosystems. Malicious npm packages harvested credentials, spread rapidly, and exposed private repositories worldwide.
Organizations need continuous monitoring, credential protection, and robust supply chain integrity controls. SOCRadar provides distinct value in these areas:
- Threat Intelligence Platform – Enrich and track IOCs related to npm and GitHub compromises.
- Digital Risk Protection (DRP) – Detect leaked credentials, exposed repositories, and malicious infrastructure early.
- Attack Surface Management (ASM) – Discover vulnerable assets and dependencies before attackers do.
SOCRadar.io enables SOC teams to enhance threat intelligence, automate alerts within SIEM and SOAR platforms, and respond more quickly to supply chain threats such as Shai-Hulud.

