Shai-Hulud: The self-replicating NPM worm

How it works, why it matters, and how to defend



WATCH ON DEMAND

Shai-Hulud: The self-replicating NPM worm


During September 2025, researchers observed a supply-chain campaign in the NPM ecosystem using self-replicating malware to spread across maintainers’ packages. After executing during postinstall, the worm conducts local discovery, hunts for GitHub/NPM/cloud credentials, drops a malicious GitHub Action to exfiltrate secrets (often via webhook[.]site), and republishes infected versions of all packages owned by a compromised maintainer — accelerating propagation to hundreds of packages.

What You’ll takeaway:

  • How Shai-Hulud works — post-install execution  (bundle.js), local discovery, credential theft, GitHub Action persistence, and automated NPM republishing.
  • Why it’s a big deal — novel self-propagation within the NPM ecosystem; rapid spread to ~200 packages in the first 24 hours.
  • How to detect it — runtime signals (e.g., suspicious bundle.js activity, trufflehog execution, outbound calls during install, unusual public repo creation) and detections available in Sysdig Secure and Falco.
  • What to do now — inventory checks for affected packages, version pinning/rollback, credential rotation, blocking npm where needed, and GitHub hygiene.

Speakers:

  • Alberto Pellitteri — Sysdig Threat Research
  • Michael Clark — Sysdig Threat Research