Red Hot Cyber, The cybersecurity news


Supply Chain Wormable? NPM Packages with Self-Propagating Malware Arrive

Redazione RHC : 18 September 2025 16:26

Security researchers have discovered that more than 180 npm packages have been compromised with self-propagating malware designed to infect further packages. The campaign, dubbed Shai-Hulud, likely began with the compromise of the @ctrl/tinycolor package, which is downloaded more than 2 million times a week.

The name Shai-Hulud comes from the shai-hulud.yaml files used by the malware; it is a reference to the giant sandworms of Frank Herbert's Dune. The issue was first raised by developer Daniel Pereira, who alerted the community to a large-scale supply chain attack.

“Right now, as you read this, malware is being distributed within npm,” Pereira said, urging everyone not to install the latest versions of @ctrl/tinycolor.

Pereira first tried to notify GitHub's security team through private channels, since the attackers had targeted "multiple repositories" and public disclosure could have created further risk. Reaching GitHub proved too difficult, however, so he reported the issue publicly.

Researchers at Socket and Aikido are investigating the incident and have so far identified at least 187 compromised packages. Among them are several published by the npm account of cybersecurity firm CrowdStrike.

"After discovering several malicious packages in the public npm registry (a third-party open source repository), we quickly removed them and preemptively updated our keys," CrowdStrike representatives said. "These packages are not used by Falcon, our platform is unaffected, and customers remain protected. We are working with npm and conducting a thorough investigation."

ReversingLabs, for its part, describes the incident as "the first of its kind, a self-replicating worm that infects npm packages and steals cloud tokens." Its researchers believe the attack originated with the rxnt-authentication package, a malicious version of which was published to npm on September 14, 2025.

According to ReversingLabs, the owner of the techsupportrxnt account can be considered patient zero, and the key to tracing the source of the attack is exactly how that account was compromised: the initial foothold could have been a phishing email or the exploitation of a vulnerable GitHub Action.

The compromised versions carry a self-propagation mechanism that targets the other packages belonging to each affected maintainer. According to Socket researchers, the malware downloads each of the maintainer's packages, modifies its package.json, injects the bundle.js script, repacks the archive and republishes it, "thus ensuring automatic Trojanization of downstream packages."

The bundle.js script uses TruffleHog, a legitimate secret scanner built for developers and security teams to detect accidentally leaked API keys, passwords and tokens in repositories and other sources. The malicious script abuses the tool to hunt for tokens and cloud credentials. Since a harvested npm publishing token is exactly what the worm needs to republish a maintainer's other packages, rotating tokens (as CrowdStrike did) is part of containment, not just cleanup.
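As an added illustration of the injection pattern Socket describes and of the TruffleHog-based credential hunting above, the Python script below audits a node_modules tree for a package whose lifecycle scripts run bundle.js and whose bundle.js mentions TruffleHog or credential names. This is example code written for this page, not code from Red Hot Cyber or from any of the researchers cited. The assumption that the package.json change is a lifecycle hook, the marker strings, and the sample tree it scans are all constructed for the example and are not indicators taken from the article.

```python
"""Audit a node_modules tree for the Shai-Hulud injection pattern.

Added example for this article; it is not code from Red Hot Cyber, Socket,
Aikido, ReversingLabs or the npm project. Assumptions not stated in the text:
the package.json modification is a lifecycle script (preinstall/install/
postinstall/prepare) that runs bundle.js, and the dropped bundle.js mentions
the TruffleHog binary it abuses and the credential names it hunts for.
"""
import json
import os
import tempfile
from pathlib import Path
from typing import Optional

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
BUNDLE_NAME = "bundle.js"
# Assumed content indicators; any one of them found in bundle.js raises the score.
BUNDLE_MARKERS = ("trufflehog", "npm_token", "github_token", "aws")


def audit_package(pkg_dir: Path) -> Optional[dict]:
    """Return a finding for one package directory, or None if nothing matches."""
    manifest = pkg_dir / "package.json"
    try:
        data = json.loads(manifest.read_text(encoding="utf-8"))
    except (OSError, json.JSONDecodeError, UnicodeDecodeError):
        return None
    scripts = data.get("scripts") or {}
    # Lifecycle hooks whose command line mentions bundle.js
    hooked = [h for h in LIFECYCLE_HOOKS
              if isinstance(scripts.get(h), str) and BUNDLE_NAME in scripts[h]]
    bundle = pkg_dir / BUNDLE_NAME
    markers = []
    if bundle.is_file():
        text = bundle.read_text(encoding="utf-8", errors="ignore").lower()
        markers = [m for m in BUNDLE_MARKERS if m in text]
    # A bare bundle.js is common in legitimate packages, so it only counts
    # when a hook runs it or its contents carry the assumed markers.
    if not hooked and not markers:
        return None
    return {
        "name": data.get("name", pkg_dir.name),
        "version": data.get("version", "?"),
        "hooks": hooked,
        "markers": markers,
        "severity": "high" if hooked and bundle.is_file() else "medium",
    }


def scan_tree(root: Path) -> list:
    """Walk every package.json under root, including @scope/ dirs and nested node_modules."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" in filenames:
            finding = audit_package(Path(dirpath))
            if finding:
                findings.append(finding)
    return findings


def demo() -> list:
    """Build a constructed node_modules tree (sample data, not real packages) and scan it."""
    root = Path(tempfile.mkdtemp()) / "node_modules"
    clean = root / "left-padding-example"            # hypothetical clean package
    clean.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps({
        "name": "left-padding-example", "version": "1.0.0",
        "scripts": {"test": "node test.js"}}))
    bad = root / "@example" / "colour-utils"          # hypothetical trojanized package
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "@example/colour-utils", "version": "4.1.2",
        "scripts": {"postinstall": "node bundle.js", "test": "jest"}}))
    (bad / "bundle.js").write_text(
        "// constructed stand-in for the dropped loader\n"
        "const scanner = 'trufflehog';  // then reads NPM_TOKEN, GITHUB_TOKEN, AWS keys\n")
    return scan_tree(root)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['severity'].upper():6} {f['name']}@{f['version']} "
              f"hooks={f['hooks']} markers={f['markers']}")
```

Treat a hit as the start of an incident, not the end of one: compare the package name and version against the compromised-package lists Socket and Aikido publish, and rotate every npm, GitHub and cloud credential that was reachable from the host where the package was installed, since a lifecycle hook runs with the installing user's full environment.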


Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
