Shai-Hulud 2.0: "The Second Coming" npm worm (November 2025)
criticalpervasive
confirmed·submitted May 27, 2026·supply-chainnpmwormself-replicatingcredential-theft
A second, more aggressive self-replicating wave, with compromised package versions published between November 21-24, 2025. The payload moved to a preinstall hook (setup_bun.js dropping an obfuscated bun_environment.js), harvested developer and cloud secrets, and exfiltrated them to roughly 27,000 auto-created GitHub repositories referencing "Shai-Hulud: The Second Coming." Around 796 packages and 1,000+ versions were backdoored, including projects from Zapier, PostHog, Postman, AsyncAPI, ENS, and Browserbase. Remediation: rotate all developer/CI credentials, pin to versions published before November 21, 2025, and audit GitHub for unexpected repos and workflow files.
Affected packages
107 packages- npm@asyncapi/avro-schema-parser
3.0.26 - npm@postman/pm-bin-linux-x64
1.24.31.24.41.24.5 - npm@asyncapi/cli
4.1.3 - npm@asyncapi/converter
1.6.4 - npm@asyncapi/diff
0.5.1 - npm@asyncapi/generator
2.8.6 - npm@asyncapi/generator-components
0.3.3 - npm@asyncapi/generator-helpers
0.2.2 - npm@asyncapi/generator-react-sdk
1.1.4 - npm@asyncapi/html-template
3.3.2 - npm@asyncapi/java-spring-template
1.6.2 - npm@asyncapi/java-template
0.3.5 - npm@asyncapi/keeper
0.0.3 - npm@asyncapi/markdown-template
1.6.8 - npm@asyncapi/modelina
5.10.25.10.3 - npm@asyncapi/multi-parser
2.2.2 - npm@asyncapi/nodejs-template
3.0.5 - npm@asyncapi/nunjucks-filters
2.1.2 - npm@asyncapi/openapi-schema-parser
3.0.26 - npm@asyncapi/optimizer
1.0.6 - npm@asyncapi/parser
3.4.13.4.2 - npm@asyncapi/php-template
0.1.1 - npm@asyncapi/problem
1.0.1 - npm@asyncapi/protobuf-schema-parser
3.5.23.5.3 - npm@asyncapi/python-paho-template
0.2.14 - npm@asyncapi/react-component
2.6.7 - npm@asyncapi/server-api
0.16.24 - npm@asyncapi/bundler
0.6.6 - npm@asyncapi/studio
1.0.21.0.3 - npm@browserbasehq/bb9
1.2.21 - npm@browserbasehq/director-ai
1.0.3 - npm@browserbasehq/mcp
2.1.1 - npm@browserbasehq/sdk-functions
0.0.4 - npm@browserbasehq/stagehand
3.0.4 - npm@ensdomains/address-encoder
1.1.5 - npm@ensdomains/blacklist
1.0.1 - npm@ensdomains/ccip-read-dns-gateway
0.1.1 - npm@ensdomains/ccip-read-worker-viem
0.0.4 - npm@ensdomains/curvearithmetics
1.0.1 - npm@ensdomains/cypress-metamask
1.2.1 - npm@ensdomains/ensjs
4.0.3 - npm@ensdomains/hardhat-chai-matchers-viem
0.1.15 - npm@ensdomains/hardhat-toolbox-viem-extended
0.0.6 - npm@ensdomains/react-ens-address
0.0.32 - npm@ensdomains/renewal
0.0.13 - npm@ensdomains/server-analytics
0.0.2 - npm@ensdomains/subdomain-registrar
0.2.4 - npm@ensdomains/test-utils
1.3.1 - npm@ensdomains/thorin
0.6.51 - npm@ensdomains/ui
3.4.6 - npm@ensdomains/vite-plugin-i18next-loader
4.0.4 - npm@ensdomains/web3modal
1.10.2 - npm@posthog/agent
1.24.1 - npm@posthog/core
1.5.6 - npm@posthog/currency-normalization-plugin
0.0.8 - npm@posthog/databricks-plugin
0.0.8 - npm@posthog/drop-events-on-property-plugin
0.0.8 - npm@posthog/filter-out-plugin
0.0.8 - npm@posthog/first-time-event-tracker
0.0.8 - npm@posthog/heartbeat-plugin
0.0.8 - npm@posthog/hedgehog-mode
0.0.42 - npm@posthog/maxmind-plugin
0.1.6 - npm@posthog/nextjs
0.0.3 - npm@posthog/pagerduty-plugin
0.0.8 - npm@posthog/piscina
3.2.1 - npm@posthog/plugin-server
1.10.8 - npm@posthog/postgres-plugin
0.0.8 - npm@posthog/rrweb
0.0.31 - npm@posthog/rrweb-player
0.0.31 - npm@posthog/rrweb-record
0.0.31 - npm@posthog/rrweb-replay
0.0.19 - npm@posthog/taxonomy-plugin
0.0.8 - npm@posthog/twitter-followers-plugin
0.0.8 - npm@posthog/variance-plugin
0.0.8 - npm@posthog/web-dev-server
1.0.5 - npm@posthog/wizard
1.18.1 - npm@postman/aether-icons
2.23.22.23.32.23.4 - npm@postman/csv-parse
4.0.44.0.5 - npm@postman/final-node-keytar
7.9.17.9.27.9.3 - npm@postman/mcp-ui-client
5.5.15.5.25.5.3 - npm@postman/node-keytar
7.9.47.9.57.9.6 - npmposthog-react-native
4.11.14.12.5 - npm@postman/pm-bin-macos-arm64
1.24.31.24.41.24.5 - npm@postman/pm-bin-macos-x64
1.24.31.24.41.24.5 - npm@postman/pm-bin-windows-x64
1.24.31.24.41.24.5 - npm@postman/postman-collection-fork
4.3.34.3.44.3.5 - npm@postman/postman-mcp-cli
1.0.31.0.4 - npm@postman/postman-mcp-server
2.4.112.4.12 - npm@postman/pretty-ms
6.1.16.1.26.1.3 - npm@postman/secret-scanner-wasm
2.1.22.1.32.1.4 - npm@postman/tunnel-agent
0.6.50.6.6 - npm@postman/wdio-allure-reporter
0.0.70.0.80.0.9 - npm@postman/wdio-junit-reporter
0.0.40.0.50.0.6 - npm@zapier/ai-actions
0.1.19 - npm@zapier/ai-actions-react
0.1.120.1.13 - npm@zapier/babel-preset-zapier
6.4.2 - npm@zapier/browserslist-config-zapier
1.0.4 - npm@zapier/eslint-plugin-zapier
11.0.311.0.4 - npm@zapier/mcp-integration
3.0.13.0.2 - npm@zapier/secret-scrubber
1.1.4 - npm@zapier/spectral-api-ruleset
1.9.2 - npm@zapier/stubtree
0.1.20.1.3 - npm@zapier/zapier-sdk
0.15.50.15.6 - npmposthog-docusaurus
2.0.6 - npmposthog-js
1.297.3 - npmposthog-node
4.18.15.11.35.13.3 - npm@asyncapi/specs
6.10.16.8.26.8.3