Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

Shai-Hulud

Shai‑Hulud campaign trojanises hundreds of npm packages and leaks CI/CD secrets to GitHub

Cloud, Cybercrime, News, Research, Vulnerabilities

November 24, 2025

A renewed Shai‑Hulud campaign has published thousands of trojanised npm packages that steal developer and CI/CD secrets and post them to GitHub; researchers at Aikido and Wiz say the operation modified legitimate packages, used compromised maintainer accounts and is leaking secrets in automatically created GitHub repositories.
GitHub outlines changes to harden npm after self-replicating worm incident

Cybercrime, News, Risk, Vendors, Vulnerabilities

September 25, 2025

GitHub said a self-replicating “Shai-Hulud” worm compromised maintainer accounts and injected malicious post-install scripts into npm packages, and outlined changes including required 2FA, short-lived granular tokens and trusted publishing to harden npm’s supply chain.

About
Editorial Policy
Privacy
Contact