What many hoped was a one-off incident has now escalated into one of the most sophisticated and aggressive supply-chain malware campaigns seen this year. The notorious npm worm Shai Hulud – named after the colossal sandworms in Dune – has resurfaced with a second, far more expansive attack, compromising major developer ecosystems including Zapier, ENS Domains, AsyncAPI, PostHog, and Postman.
The attack was detected early Monday morning as security teams began their day with a surge of malware alerts hundreds of packages lighting up red in rapid succession. What initially seemed like noise quickly turned into confirmation: Shai Hulud was back.
Timed strategically just before npm’s December 9 revocation of legacy tokens, the attacker appears to be capitalizing on a transition period when many developers still haven’t moved to more secure publishing methods creating the perfect opening for another hit.
A Campaign Months in the Making
Based on previous tracking and the new wave of indicators, the second attack (dramatically labeled “The Second Coming” by its operators) follows a clear timeline:
- Aug 27: Researchers report the S1ngularity npm campaign.
- Sep 16: Shai Hulud’s first wave strikes.
- Sep 18: Analysts publish deeper technical findings.
- Nov 24: The second, larger attack is launched.
This latest wave is not only broader it’s more damaging.
What Shai Hulud Actually Does
Shai Hulud is a self-replicating npm worm, designed to:
- Scan infected environments for secrets (API keys, tokens, environment variables)
- Use tools like TruffleHog to locate exposed credentials
- Automatically publish the stolen secrets to public GitHub repositories
- Attempt to infect additional npm packages using discovered tokens
- Exfiltrate captured data back to the attackers
This time, the attackers created more than 26,000 public GitHub repositories containing leaked secrets each labeled with a dramatic description:
“Sha1-Hulud: The Second Coming.”
Scope of the Attack: 425+ Packages, 132 Million Monthly Downloads
The scale is immense. More than 425 packages were compromised across multiple major ecosystems.
These packages collectively see:
- 132 million monthly downloads
- Impact across Zapier, ENS Domains, AsyncAPI, PostHog, and Postman
- Dozens of high-profile JavaScript libraries and development tools
While the full list is extremely long, high-impact categories include:
- PostHog Packages: analytics plugins, ingestion tools, UI libraries
- Postman Packages: CLI tools, WASM utilities, node components
- AsyncAPI Packages: CLI, core libraries
- ENS & Ethereum Utilities: ENS-related packages
- Zapier Packages: AI tools, SDKs, configuration utilities
Many infections started within GitHub Actions pipelines, suggesting that automated workflows were compromised similar to earlier S1ngularity campaign methods.
“Patient zero” appears to be go-template and multiple AsyncAPI packages discovered around 3:16 AM GMT on Nov 24.
PostHog packages followed at 4:11 AM, and Postman packages shortly after 5:09 AM.
A Glimpse Into the Malware Behavior
The worm attempts to:
- Install or locate the Bun runtime
- Inject malicious scripts into npm packages
- Deploy a hidden bun_environment.js payload
- Spread across developer ecosystems using tokens and credentials
- Push staged malicious versions into public registries
Interestingly, this wave included attacker mistakes that accidentally limited its reach:
Some compromised packages included only the initial staging script (setup_bun.js), without the worm’s main payload.
This inconsistency slowed propagation in certain areas—but not nearly enough to contain the overall outbreak.
Why This Matters for the MEA Region
While this is a global supply-chain attack, it has strong implications for Middle East and Africa organizations:
- MEA companies rely heavily on open-source JavaScript tooling for fintech, government portals, and mobile app development.
- Rapid digital transformation in GCC states increases exposure to compromised developer pipelines.
- Many tech startups and mid-size organizations in MEA lack dedicated software composition analysis (SCA) programs.
This wave shows how a single compromised package can cascade through the region’s fast-growing digital ecosystem especially in countries like UAE, Saudi Arabia, Morocco, South Africa, and Kenya where developer activity is booming.
Industries at risk include:
- Banking & fintech
- Telecom
- Government digital services
- E-commerce
- Healthcare tech
- AI startups
Supply-chain attacks remain one of the most dangerous and least understood cyber threats in MEA.
What Security Teams Should Do Now (10 Critical Actions)
Every organization – globally and in MEA – should take immediate action.
1. Audit all npm dependencies immediately: Check for any of the compromised packages listed in advisories.
2. Revoke and rotate all developer tokens: Especially:
- npm tokens
- GitHub PATs
- CI/CD secrets
- API keys
3. Enforce trusted publishing for npm: Legacy authentication tokens should be considered unsafe.
4. Enable automated Software Composition Analysis (SCA): Use scanning tools available via partners such as Saintynet Cybersecurity (saintynet.com).
5. Inspect GitHub Actions workflows for suspicious behavior: Look for unauthorized branches or triggered workflows.
6. Implement secret-scanning before commits: Services like TruffleHog or GitHub Advanced Security are essential.
7. Train development teams on supply-chain attack awareness: Provide modern training programs via training.saintynet.com.
8. Block compromised domains and indicators: Use threat intelligence feeds from your SOC or managed security provider.
9. Review CI/CD pipelines for token leakage: Especially environments where build artifacts or logs are exposed.
10. Develop an internal supply-chain risk policy: Tie this into secure-coding standards and dependencies governance.
Conclusion
The second Shai Hulud strike is a stark reminder that software supply-chain attacks are accelerating in scale, automation, and ambition. By targeting trusted developer ecosystems – and exploiting outdated publishing tokens – the attackers have shown how fragile widely adopted open-source infrastructure can be.
As organizations across GCC and Africa continue to digitize at speed, strengthening supply-chain security is no longer optional it’s mission-critical.
The wave may have included attacker mistakes, but the message is clear: The software ecosystem is under active attack, and defenders must respond just as aggressively.
