On September 23, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about a widespread supply chain compromise targeting the world’s largest JavaScript registry, npmjs.com.
According to CISA, the attack was carried out by a self-replicating worm named “Shai-Hulud.” It had already compromised over 500 npm packages, the reusable pieces of code that many JavaScript projects depend on.
Kush Pandya, Peter van der Zee, and Olivia Brown from Socket reported the breach. Analysts at Palo Alto Networks Unit 42 released more details between September 17–19, 2025.
The worm spread by stealing sensitive credentials, including GitHub Personal Access Tokens (PATs) and cloud API keys for AWS, Google Cloud, and Microsoft Azure. Once stolen, the credentials were exfiltrated and uploaded to a public GitHub repository called Shai-Hulud.
Shai-Hulud works like a self-propagating worm inside the npm ecosystem. Attackers first get code into a package or trick a maintainer into running a malicious version. After a developer installs or runs the infected package, the payload executes and searches the developer’s files and environment for secrets such as GitHub Personal Access Tokens and cloud API keys.
The malware exfiltrates any found credentials to an attacker-controlled location and also posts them to a public GitHub repo to speed discovery. Using stolen credentials, the actor authenticates as the compromised maintainer and publishes new, infected versions of other npm packages.
Automated scripts then repeat the process. The new malicious packages infect more developers, harvest more credentials, and spread further. The payload often creates hidden persistence (for example, covert GitHub Actions workflows) so the attacker can regain access even if some credentials are rotated.
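A first defensive check after an advisory like this is to ask whether any of the compromised package versions are present in a project's dependency tree. The script below is an added example, not from CISA, Socket, Unit 42 or the article: it audits a `package-lock.json` (lockfile v2/v3 format) against an advisory list and also flags packages whose `resolved` URL does not point at the expected registry. The advisory entries and the sample lockfile are constructed placeholders, not real affected packages.

```python
import json

# Constructed placeholder advisory list of (name, version) pairs. A real
# deployment would populate this from the CISA / vendor advisories.
COMPROMISED = {
    ("example-widget", "1.4.2"),
    ("@example/config-loader", "3.0.1"),
}

TRUSTED_REGISTRY = "https://registry.npmjs.org/"


def package_name_from_path(path):
    """Derive the npm package name from a lockfile v2/v3 'packages' key.
    Keys look like 'node_modules/foo' or 'node_modules/a/node_modules/@s/b'."""
    return path.rsplit("node_modules/", 1)[-1]


def audit_lockfile(lock):
    """Return findings: compromised name@version hits, plus packages whose
    'resolved' URL is not served from the expected registry."""
    findings = {"compromised": [], "untrusted_source": []}
    for path, meta in lock.get("packages", {}).items():
        if path == "" or "node_modules/" not in path:
            continue  # root project entry or workspace link, not a dependency
        name = package_name_from_path(path)
        version = meta.get("version", "")
        if (name, version) in COMPROMISED:
            findings["compromised"].append(f"{name}@{version}")
        resolved = meta.get("resolved", "")
        if resolved and not resolved.startswith(TRUSTED_REGISTRY):
            findings["untrusted_source"].append(f"{name}@{version} <- {resolved}")
    return findings


# Constructed sample package-lock.json (lockfileVersion 3) used as offline input.
SAMPLE_LOCK = json.loads("""{
  "name": "demo-app", "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "0.1.0"},
    "node_modules/example-widget": {"version": "1.4.2",
      "resolved": "https://registry.npmjs.org/example-widget/-/example-widget-1.4.2.tgz"},
    "node_modules/example-widget/node_modules/@example/config-loader": {"version": "3.0.1",
      "resolved": "https://registry.npmjs.org/@example/config-loader/-/config-loader-3.0.1.tgz"},
    "node_modules/left-pad-ish": {"version": "2.0.0",
      "resolved": "https://mirror.example.internal/left-pad-ish-2.0.0.tgz"}
  }
}""")

if __name__ == "__main__":
    for kind, items in audit_lockfile(SAMPLE_LOCK).items():
        for item in items:
            print(f"[{kind}] {item}")
```

Run it against a real lockfile with `json.load(open("package-lock.json"))` in place of `SAMPLE_LOCK`; a hit in `compromised` means the affected version is installed and credentials used on that machine or CI runner should be treated as exposed.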
The CISA report notes, “CISA is releasing this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as ‘Shai-Hulud’—has compromised over 500 packages.”
A supply chain attack is when cybercriminals target the software or services a company relies on, such as open-source libraries, third-party vendors, or cloud tools, instead of attacking the company directly. By compromising a trusted link in the chain, attackers gain access to many downstream victims at once.
Supply chain attacks are dangerous because one successful compromise can spread malware or steal credentials across thousands of organizations. Developers and users trust updates from official sources, so malicious code often blends in unnoticed until the damage is done.
Attackers may hack a vendor’s systems, steal developer credentials, or slip malicious code into open-source packages. Once published, the malicious update gets distributed through normal software updates, making the attack difficult to detect.