Shai-Hulud

Entity category: PRODUCT

Business

NPM Malware Attack Exposed 400,000 Developer Secrets

December 4, 2025
NPM logo in red and white on a dark background with red circles.

A malware campaign called Shai-Hulud compromised hundreds of NPM packages, exposing roughly 400,000 raw secrets from thousands of GitHub repositories,…

Read More »
Business

New npm Worm Threatens Software Supply Chain

November 27, 2025
Close-up of computer screen displaying lines of colorful Python code.

A sophisticated worm called Shai-Hulud is actively stealing developer credentials and spreading across hundreds of npm packages, impacting millions of…

Read More »
BigTech Companies

GitHub Tightens npm Security After Shai-Hulud Attack

September 24, 2025
npm logo in red and white, set against a background of dark, stacked boxes.

The npm registry faces increasing threats from attacks like phishing campaigns and the self-propagating "Shai-Hulud" worm, leading GitHub to implement…

Read More »
BigTech Companies

A Dangerous Worm Is Infecting Software Packages

September 21, 2025
Mysterious dark object resembling a giant eye, partially buried in sand under a hazy sky.

A self-replicating worm named Shai-Hulud has infected hundreds of open-source JavaScript packages on NPM, actively seeking credentials to spread further…

Read More »