We are tracking a major resurgence of the Shai-Hulud malware campaign, now emerging as a new variant referred to as “Sha1-Hulud: The Second Coming.” This outbreak has already outgrown the original Shai-Hulud incident: more than 800 npm packages have been confirmed as trojanized, tens of thousands of GitHub repositories are affected, and it is spreading rapidly across multiple maintainers, including the Zapier and ENS ecosystems. The malicious versions embed credential-stealing payloads designed to capture developer tokens, leak secrets, and establish persistent footholds across repositories and developer environments. This page will be updated continuously as the investigation progresses and additional compromised packages are identified.
In this second wave, Sha1-Hulud introduces a far more aggressive fallback: if the malware cannot authenticate or establish persistence, it attempts to wipe the victim’s home directory, deleting every writable file owned by the current user under that folder. This destructive logic triggers only when all of the following conditions are met:
- It cannot authenticate to GitHub
- It cannot create a GitHub repository
- It cannot fetch a GitHub token
- It cannot find an NPM token
In other words, if Sha1-Hulud is unable to steal credentials, obtain tokens, or secure any exfiltration channel, it defaults to catastrophic data destruction. This is a significant escalation from the first wave, shifting the actor’s tactics from pure data theft to punitive sabotage. The practical corollary is worth stating: a host that holds no GitHub or npm credentials at all, such as a freshly provisioned build agent or an analyst’s sandbox, satisfies all four conditions, so detonate the sample only on a throwaway system, and treat an unexplained emptied home directory on a developer or CI machine as a possible indicator of this wave.
What to Do?
Organizations should act quickly to contain the impact of the Sha1-Hulud Second Coming campaign.
- Begin by scanning all endpoints (developer machines, build servers, and CI/CD agents) for the presence of impacted packages, checking lockfiles as well as installed node_modules so that a version that is pinned but not yet installed is also caught (Koi customers have already received alerts for the relevant packages)
- Remove any compromised versions immediately, and temporarily freeze npm package updates until the full scope of the attack is understood (Koi customers are protected via Version Cooldown and network guardrails)
- Next, perform a complete credential rotation covering GitHub, npm, AWS, GCP, and Azure tokens, revoking the old credentials rather than only issuing new ones, and include secrets stored in CI/CD variables and on build agents, since the malware is designed to harvest secrets from multiple environments
- Finally, audit your repositories for persistence mechanisms: review .github/workflows/ for suspicious files such as shai-hulud-workflow.yml, look for unexpected branches, and check the organization and user accounts for repositories the malware may have created

These steps will help reduce risk and limit attacker footholds while the investigation and cleanup continue.
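As an added example (this is not Koi’s tooling or part of the original page), the following POSIX shell script covers the scan and workflow-audit steps above. It reads node_modules and v2/v3 package-lock.json files directly, so it runs offline on a build agent without trusting npm’s own tooling, and it exits non-zero on a hit so it can fail a CI job. The package names, versions and the IoC list inside it are constructed placeholders; replace them with the published list of compromised name@version pairs.

```shell
#!/bin/sh
# Added example, not Koi's tooling: triage helpers for the scan and audit
# steps above. Every package name/version here is a constructed placeholder
# (there is no real package called example-pkg); feed the real list of
# compromised name@version pairs through the IoC file.

# Print name@version for every package.json found under node_modules,
# nested installs included. The first "name"/"version" lines win, which
# is where npm writes them; nested objects such as "author" come later.
list_installed() {
  find "$1" -type f -path '*/node_modules/*/package.json' 2>/dev/null |
  while read -r f; do
    name=$(sed -n 's/^[[:space:]]*"name"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$f" | head -n 1)
    ver=$(sed -n 's/^[[:space:]]*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$f" | head -n 1)
    if [ -n "$name" ] && [ -n "$ver" ]; then printf '%s@%s\n' "$name" "$ver"; fi
  done
}

# Print name@version for every entry in a v2/v3 package-lock.json, so a
# bad version that is pinned but not yet installed is also caught.
lockfile_packages() {
  awk -F'"' '
    /^[[:space:]]*"node_modules\/.*": [{]/ { n = $2; sub(/.*node_modules\//, "", n); next }
    n != "" && /^[[:space:]]*"version":/   { print n "@" $4; n = "" }
  ' "$1"
}

# Filter stdin against an IoC file (one name@version per line). Print the
# hits and return 1 if there were any, so the caller can fail a CI job.
report_hits() {
  hits=$(grep -F -x -f "$1" || true)
  if [ -z "$hits" ]; then return 0; fi
  printf '%s\n' "$hits"
  return 1
}

scan_node_modules() { list_installed "$1" | report_hits "$2"; }
scan_lockfile()     { lockfile_packages "$1" | report_hits "$2"; }

# Flag the persistence workflow named on this page under .github/workflows;
# return 1 if it is present, printing the path.
check_workflows() {
  dir="$1/.github/workflows"
  [ -d "$dir" ] || return 0
  bad=$(find "$dir" -type f -name 'shai-hulud-workflow.yml')
  if [ -z "$bad" ]; then return 0; fi
  printf '%s\n' "$bad"
  return 1
}

# Constructed fixture for a self-check (not real data): one clean install,
# one hit in node_modules, a different hit pinned only in the lockfile, and
# the known workflow file. Prints the fixture directory.
make_fixture() {
  d=$(mktemp -d)
  mkdir -p "$d/node_modules/example-pkg" "$d/node_modules/@example/scope-pkg" \
           "$d/.github/workflows"
  printf '{\n  "name": "example-pkg",\n  "version": "1.2.3"\n}\n' \
    > "$d/node_modules/example-pkg/package.json"
  printf '{\n  "name": "@example/scope-pkg",\n  "version": "0.0.1"\n}\n' \
    > "$d/node_modules/@example/scope-pkg/package.json"
  cat > "$d/package-lock.json" <<'EOF'
{
  "name": "app",
  "lockfileVersion": 3,
  "packages": {
    "": { "name": "app", "version": "1.0.0" },
    "node_modules/@example/scope-pkg": {
      "version": "4.5.6",
      "resolved": "https://registry.npmjs.org/@example/scope-pkg/-/scope-pkg-4.5.6.tgz"
    }
  }
}
EOF
  printf '%s\n' 'example-pkg@1.2.3' '@example/scope-pkg@4.5.6' > "$d/iocs.txt"
  : > "$d/.github/workflows/shai-hulud-workflow.yml"
  printf '%s\n' "$d"
}

# Usage: SCAN_ROOT=/path/to/checkout IOC_FILE=compromised.txt sh scan.sh
if [ -n "${SCAN_ROOT:-}" ] && [ -n "${IOC_FILE:-}" ]; then
  status=0
  scan_node_modules "$SCAN_ROOT" "$IOC_FILE" || status=1
  if [ -f "$SCAN_ROOT/package-lock.json" ]; then
    scan_lockfile "$SCAN_ROOT/package-lock.json" "$IOC_FILE" || status=1
  fi
  check_workflows "$SCAN_ROOT" || status=1
  exit "$status"
fi
```

Run it from a job that fans out over every checkout and build agent, not just developer laptops, since CI runners are where stale lockfiles sit. The branch and repository checks from the last step need the remote (`git branch -r`, and the GitHub API or web UI for newly created repositories) and are deliberately left out so the script stays filesystem-only; a hit in node_modules should be followed by credential revocation, not just a reinstall.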
Need Help?
Concerned your organization may be affected? Reach out to us for expert guidance on detecting compromised packages and mitigating this supply-chain attack.