
Shai-Hulud 2.0: Aggressive & Automated, One Of Fastest Spreading NPM Supply Chain Attacks Ever Observed

Medium
Published: Thu Nov 27 2025 (11/27/2025, 03:00:54 UTC)
Source: AlienVault OTX General

Description

Shai-Hulud 2.0 is a highly aggressive and automated supply-chain malware targeting the npm ecosystem, identified in November 2025. It compromised hundreds of npm packages within hours, behaving like a worm that harvests credentials and cloud secrets from every environment that installs an infected version. The malware abuses GitHub Actions as a persistent backdoor and creates public repositories to exfiltrate stolen data. This represents a significant escalation in supply-chain attack sophistication, affecting major projects and organizations globally, and has left tens of thousands of attacker-created GitHub repositories behind. Spreading to further npm accounts is automated, so infection speed and scale grow without any user interaction once the initial compromise has occurred; the attack rides entirely on trust in the software supply chain. No CVE or vendor patch applies, because the campaign relies on harvested credentials and malicious package versions rather than on a flaw in npm or GitHub, and the campaign itself is active in-the-wild exploitation rather than a proof of concept. The medium severity rating may underestimate its potential impact given its worm-like behavior and credential theft capabilities.

AI-Powered Analysis

Last updated: 11/27/2025, 09:09:22 UTC

Technical Analysis

Shai-Hulud 2.0 is a supply-chain attack campaign targeting the npm package ecosystem, discovered in late 2025. It operates with unprecedented automation and speed, compromising hundreds of npm packages within hours and effectively acting as a worm. Once a package or npm account is infected, the malware harvests sensitive credentials and cloud secrets from the environment that installed it, which enables lateral movement and persistence. It abuses GitHub Actions workflows to maintain a persistent backdoor, allowing attackers to execute arbitrary code, and exfiltrates data through attacker-created public GitHub repositories. Spreading to further npm accounts and packages is automated, which is what lets the campaign scale beyond previous supply-chain attacks. It affects major projects and organizations, threatening the integrity of widely used software components.

Indicators consist of file hashes associated with the malware (listed below). The observed techniques map to MITRE ATT&CK as Command and Scripting Interpreter: JavaScript (T1059.007), Supply Chain Compromise: Compromise Software Dependencies and Development Tools (T1195.001), Unsecured Credentials: Credentials In Files (T1552.001), and Ingress Tool Transfer (T1105), which covers the download of additional components onto the victim. The exfiltration through attacker-created repositories corresponds to Exfiltration Over Web Service: Exfiltration to Code Repository (T1567.001), not to T1105. Persistence through GitHub Actions workflows has no dedicated sub-technique and is best tracked as CI/CD-specific persistence.

No CVE applies and there is nothing to patch, because the campaign exploits trust in the npm publishing model rather than a software vulnerability; the "no known exploits in the wild" field in this record should be read in that light, since the campaign itself is active exploitation. Its automation and worm-like behavior make it a critical concern for software supply chain security and for cloud environments that depend on npm and GitHub workflows.

Potential Impact

For European organizations, the Shai-Hulud 2.0 attack poses significant risks due to the widespread use of npm packages and GitHub Actions in software development and cloud deployments. Compromise of npm packages can lead to the distribution of malicious code to downstream consumers, potentially affecting critical applications and services. Credential and cloud secret harvesting can result in unauthorized access to sensitive systems, data breaches, and lateral movement within corporate networks. The persistence mechanism via GitHub Actions backdoors complicates detection and remediation, increasing dwell time for attackers. Organizations with heavy reliance on open-source components and continuous integration/continuous deployment (CI/CD) pipelines are particularly vulnerable. The attack could disrupt software supply chains, degrade trust in open-source ecosystems, and cause operational outages or data loss. Given the automation and rapid propagation, infections could spread quickly across European enterprises, impacting sectors such as finance, technology, telecommunications, and government. The creation of numerous attacker-controlled GitHub repositories for exfiltration also raises concerns about data leakage and intellectual property theft. Overall, the attack threatens confidentiality, integrity, and availability of software supply chains and cloud environments in Europe.

Mitigation Recommendations

European organizations should implement a multi-layered defense tailored to the npm ecosystem and GitHub workflows. Enforce multi-factor authentication on npm and GitHub accounts, issue granular, short-lived npm publish tokens instead of long-lived classic tokens, and scope each token to the packages it must publish, so that one harvested credential cannot publish across an organization's whole catalogue. Audit GitHub Actions workflows for unauthorized or suspicious changes, restrict the GITHUB_TOKEN permissions granted to each workflow to the minimum necessary, pin third-party actions to commit SHAs, and alert on new public repositories appearing under organization accounts, since the campaign uses such repositories for exfiltration. Install dependencies from a committed lockfile (npm ci) and, where builds allow it, with lifecycle scripts disabled (--ignore-scripts), because install-time scripts are where npm-borne malware gets its first execution; a cooling-off period before adopting newly published versions further narrows the window in which a freshly compromised release can reach a build. Scan packages for malicious code or unusual behavior before deployment, and track package origins and integrity with a Software Bill of Materials (SBOM) and provenance verification. Keep credentials and cloud secrets in a vault with short-lived leases so that a compromised build host exposes as little as possible, and monitor network traffic for unusual exfiltration patterns, especially to public GitHub repositories.

Treat any host or pipeline that installed an affected package version as compromised: rotate the npm, GitHub and cloud credentials that were reachable from it, and review GitHub audit logs for repositories, workflows or tokens created since the installation. Establish incident response plans specific to supply-chain compromises, including rapid package removal and account remediation, and work with the npm and GitHub security teams to report and remediate compromised packages swiftly. Finally, educate developers and DevOps teams about supply-chain risks and encourage secure coding and deployment practices to reduce the attack surface.


Technical Details

Author
AlienVault
TLP
white
References
https://www.netskope.com/blog/shai-hulud-2-0-aggressive-automated-one-of-fastest-spreading-npm-supply-chain-attacks-ever-observed
Adversary
null
Pulse Id
6927bee642cb29e5997211d2
Threat Score
null

Indicators of Compromise

Hash (MD5)

207b3c83c0460d5ed9091036af2b357a
2711e7496f9943ad1fac508ef5665867
4d6b9efc22ec229be58b90c7991c02dd
6914d930998108adfc93b7fe1aa3e64e

Hash (SHA-1)

3d7570d14d34b0ba137d502f042b27b0f37a59fa
8de87cf4fbdd1b490991a1ceb9c1198013d268c2
d1829b4708126dcc7bea7437c04d1f10eacd4a16
d60ec97eea19fffb4809bc35b91033b52490ca11

Hash (SHA-256)

62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0
a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a
cbb9bc5a8496243e02f3cc080efbe3e4a1430ba0671f2e43a202bf45b05479cd
f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068

Threat ID: 692811bf0a6cf06979c24620

Added to database: 11/27/2025, 8:54:23 AM

Last enriched: 11/27/2025, 9:09:22 AM

Last updated: 12/5/2025, 12:09:32 AM

Views: 171
