We are tracking the largest and most dangerous npm supply-chain compromise in history, known as the Shai-Hulud malware campaign, which has now impacted hundreds of packages across multiple maintainers. This includes popular libraries such as @ctrl/tinycolor as well as packages maintained by CrowdStrike. Malicious versions embed a trojanized script (bundle.js) designed to steal developer credentials, exfiltrate secrets, and persist in repositories and endpoints through automated workflows. The table below is continuously updated in real time as additional compromised packages are identified.

Subscribe for live updates

hubspot-form

What Happened?

Attackers published malicious versions of @ctrl/tinycolor and other npm packages, injecting a large obfuscated script (bundle.js) that executes automatically during installation. This payload repackages and republishes maintainer projects, enabling the malware to spread laterally across related packages without direct developer involvement. As a result, the compromise quickly scaled beyond its initial entry point, impacting not only widely used open-source libraries but also CrowdStrike’s npm packages.

The injected script performs credential harvesting and persistence operations. It runs TruffleHog to scan local filesystems and repositories for secrets, including npm tokens, GitHub credentials, and cloud access keys for AWS, GCP, and Azure. It also writes a hidden GitHub Actions workflow file (.github/workflows/shai-hulud-workflow.yml) that exfiltrates secrets during CI/CD runs, ensuring long-term access even after the initial infection. This dual focus on endpoint secret theft and backdoors makes Shai-Hulud one of the most dangerous campaigns ever compared to previous compromises.

What to Do?

Organizations should act quickly to contain the impact of the Shai-Hulud campaign.

• Begin by scanning across all endpoints - developer machines, build servers, and CI/CD agents - for the presence of impacted packages (Koi customers already got alerts for relevant packages)
• Any compromised versions should be removed immediately, and we recommend temporarily freezing npm package updates until the full scope of the attack is understood (Koi customers are protected via network guardrails)
• Next, perform a complete credential rotation, including GitHub, npm, AWS, GCP, and Azure tokens, since the malware is designed to harvest secrets from multiple environments
• Finally, audit your repositories for persistence mechanisms by reviewing .github/workflows/ for suspicious files such as shai-hulud-workflow.yml or unexpected branches

These steps will help reduce risk and limit attacker footholds while the investigation and cleanup continue.

Need Help?

Concerned your organization may be affected? Reach out to us for expert guidance on detecting compromised packages and mitigating this supply-chain attack.

IOCs

https://webhook[.]site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7

78e701f42b76ccde3f2678e548886860 [MD5] - bundle.js

fbf3fe241abf21b1a732352a037edec0 [MD5] - bundle.js

Confirmed Compromised Packages (Live Updates)