At approximately 0300 on the 24th of November 2025, a new wave of compromised open source packages began circulating in the npm ecosystem. This iteration (dubbed “Shai-Hulud: The Second Coming” by the attackers) is designed to leak developer secrets, including GitHub tokens, CI/CD credentials, and cloud credentials.
This is a targeted supply chain attack affecting over 425 packages, including high-traffic dependencies.
Here is what we know, how we responded, and what you need to do.
The malware creates unauthorized GitHub repositories on a compromised developer’s account. While the naming convention of the repository is random, the description reads “Shai-Hulud: The Second Coming”. The attack vector also involves specific malicious workflow files injected into repositories.
High-traffic packages confirmed as affected include Zapier, Postman, PostHog, and ENS Domains. The list of compromised packages continues to grow as upstream providers identify and remove malicious versions.
Cloudsmith immediately initiated an investigation and identified customers who may have pulled the compromised versions of these packages. We have notified potentially impacted customers with recommended remediation steps.
However, because upstream providers are still identifying and removing malicious versions, we strongly recommend you perform the audit steps below.
Identify
Investigate all repositories for dependencies that include affected packages.
Remediate
Monitor
Any GitHub, NPM, development related environment variables or secrets and Cloud credentials potentially affected should be monitored for misuse and rotated if compromise is suspected, ensuring this is done after the malicious packages have been removed and the workstation environment deemed safe
The software supply chain has been weaponized such that the challenge with supply chain attacks like Shai-Hulud is the gap between the release of a malicious package and its detection. Attackers rely on this window to infiltrate builds before security feeds have a chance to catch up.
To close this gap, organizations need to address protection in two distinct phases: defending against the unknown (Zero-Day) and managing the known (N-Day).
In the initial hours of an attack, before a CVE or MAL identifier exists, security tools are often blind. The most effective defense here is not signature detection, but metadata-based policy.
Enterprise Policy Management allows you to implement a "cool-down" period for new assets. By creating a policy that blocks or quarantines packages published within the last week, you effectively neutralize the threat of pulling malicious packages prior to detection. This ensures that no package enters your pipeline until it has been in the wild long enough to be vetted by the community and security researchers.
Once a threat is identified and cataloged, as these packages now are, the focus shifts to immediate isolation.
Cloudsmith’s continuous security capability constantly re-evaluates your stored artifacts against the latest threat intelligence streams. As soon as a package in your registry is flagged with a MAL identifier or vulnerability, Cloudsmith detects the change in status. When paired with Enterprise Policy Management, the platform can automatically trigger a quarantine action, preventing that specific version from being served to developers or build agents, without requiring manual intervention.
By layering these two approaches, metadata policies for zero-day prevention and continuous scanning for known threats, you replace manual investigation with automated governance.
We are continuing to monitor the situation. If you need assistance analyzing your logs or setting up EPM policies for package cool-down periods, please reach out to our support team.
By submitting this form, you agree to our privacy policy
