What happened
Shai-Hulud is the first wide-scale self-replicating worm observed on npm. The attack chain looked roughly like this:
- A maintainer's npm publish token leaks (phishing, a malicious dependency, a stale CI secret).
- A trojanized version of one of that maintainer's packages is published, carrying a post-install script.
- When the package is installed, the post-install script searches the developer's machine or the CI runner for other npm tokens, GitHub tokens, and cloud credentials.
- Anything it finds is exfiltrated to a public GitHub repo created on the victim's own account, and the worm then uses the stolen npm tokens to publish trojanized versions of the victim's packages as well, so every new victim becomes a new publisher.
The worm spread faster than the human review cycle could catch up, which is why this site exists: when a wave hits, you don't have hours to grep blog posts. You need to know now whether any of your installed name@version pairs match versions that have been pulled from the registry as compromised.
What to check
If you ran npm (or any Node toolchain that resolved and installed dependencies) between roughly 2025-09-14 and 2025-09-17:
- Pull a fresh inventory of installed name@version pairs from every dev machine and CI runner, from the lockfile or the actual node_modules tree, not from memory.
- Verify it against this site (see verify). Confirmed matches are reported loudly; packages whose name is on the list at a different version are reported softly, as suggestions to look closer.
- Treat any npm, GitHub, and cloud tokens that lived on those machines as compromised: revoke and rotate them, and do it from a machine you trust, since the worm runs at install time.
- Audit your GitHub account for repos you didn't create. The worm dumps stolen secrets into a public repo named Shai-Hulud on the victim's account; delete it and assume everything in it is already in attacker hands.
Why it matters
Self-replicating supply-chain attacks change the math. A single leaked token is no longer a contained incident; it is the seed for the next wave, because every package it can publish to becomes another install-time infection vector. Treat maintainer credentials like production database creds, not like a convenience: short-lived, scoped, never sitting in a CI environment longer than the job that needs them.