← back to incidents

Shai-Hulud 2.0: "The Second Coming" npm worm (November 2025)

criticalpervasive
confirmed·submitted May 27, 2026·supply-chainnpmwormself-replicatingcredential-theft

A second, more aggressive self-replicating wave, with compromised package versions published between November 21-24, 2025. The payload moved to a preinstall hook (setup_bun.js dropping an obfuscated bun_environment.js), harvested developer and cloud secrets, and exfiltrated them to roughly 27,000 auto-created GitHub repositories referencing "Shai-Hulud: The Second Coming." Around 796 packages and 1,000+ versions were backdoored, including projects from Zapier, PostHog, Postman, AsyncAPI, ENS, and Browserbase. Remediation: rotate all developer/CI credentials, pin to versions published before November 21, 2025, and audit GitHub for unexpected repos and workflow files.

Affected packages

107 packages
  • npm@asyncapi/avro-schema-parser
    3.0.26
  • npm@postman/pm-bin-linux-x64
    1.24.31.24.41.24.5
  • npm@asyncapi/cli
    4.1.3
  • npm@asyncapi/converter
    1.6.4
  • npm@asyncapi/diff
    0.5.1
  • npm@asyncapi/generator
    2.8.6
  • npm@asyncapi/generator-components
    0.3.3
  • npm@asyncapi/generator-helpers
    0.2.2
  • npm@asyncapi/generator-react-sdk
    1.1.4
  • npm@asyncapi/html-template
    3.3.2
  • npm@asyncapi/java-spring-template
    1.6.2
  • npm@asyncapi/java-template
    0.3.5
  • npm@asyncapi/keeper
    0.0.3
  • npm@asyncapi/markdown-template
    1.6.8
  • npm@asyncapi/modelina
    5.10.25.10.3
  • npm@asyncapi/multi-parser
    2.2.2
  • npm@asyncapi/nodejs-template
    3.0.5
  • npm@asyncapi/nunjucks-filters
    2.1.2
  • npm@asyncapi/openapi-schema-parser
    3.0.26
  • npm@asyncapi/optimizer
    1.0.6
  • npm@asyncapi/parser
    3.4.13.4.2
  • npm@asyncapi/php-template
    0.1.1
  • npm@asyncapi/problem
    1.0.1
  • npm@asyncapi/protobuf-schema-parser
    3.5.23.5.3
  • npm@asyncapi/python-paho-template
    0.2.14
  • npm@asyncapi/react-component
    2.6.7
  • npm@asyncapi/server-api
    0.16.24
  • npm@asyncapi/bundler
    0.6.6
  • npm@asyncapi/studio
    1.0.21.0.3
  • npm@browserbasehq/bb9
    1.2.21
  • npm@browserbasehq/director-ai
    1.0.3
  • npm@browserbasehq/mcp
    2.1.1
  • npm@browserbasehq/sdk-functions
    0.0.4
  • npm@browserbasehq/stagehand
    3.0.4
  • npm@ensdomains/address-encoder
    1.1.5
  • npm@ensdomains/blacklist
    1.0.1
  • npm@ensdomains/ccip-read-dns-gateway
    0.1.1
  • npm@ensdomains/ccip-read-worker-viem
    0.0.4
  • npm@ensdomains/curvearithmetics
    1.0.1
  • npm@ensdomains/cypress-metamask
    1.2.1
  • npm@ensdomains/ensjs
    4.0.3
  • npm@ensdomains/hardhat-chai-matchers-viem
    0.1.15
  • npm@ensdomains/hardhat-toolbox-viem-extended
    0.0.6
  • npm@ensdomains/react-ens-address
    0.0.32
  • npm@ensdomains/renewal
    0.0.13
  • npm@ensdomains/server-analytics
    0.0.2
  • npm@ensdomains/subdomain-registrar
    0.2.4
  • npm@ensdomains/test-utils
    1.3.1
  • npm@ensdomains/thorin
    0.6.51
  • npm@ensdomains/ui
    3.4.6
  • npm@ensdomains/vite-plugin-i18next-loader
    4.0.4
  • npm@ensdomains/web3modal
    1.10.2
  • npm@posthog/agent
    1.24.1
  • npm@posthog/core
    1.5.6
  • npm@posthog/currency-normalization-plugin
    0.0.8
  • npm@posthog/databricks-plugin
    0.0.8
  • npm@posthog/drop-events-on-property-plugin
    0.0.8
  • npm@posthog/filter-out-plugin
    0.0.8
  • npm@posthog/first-time-event-tracker
    0.0.8
  • npm@posthog/heartbeat-plugin
    0.0.8
  • npm@posthog/hedgehog-mode
    0.0.42
  • npm@posthog/maxmind-plugin
    0.1.6
  • npm@posthog/nextjs
    0.0.3
  • npm@posthog/pagerduty-plugin
    0.0.8
  • npm@posthog/piscina
    3.2.1
  • npm@posthog/plugin-server
    1.10.8
  • npm@posthog/postgres-plugin
    0.0.8
  • npm@posthog/rrweb
    0.0.31
  • npm@posthog/rrweb-player
    0.0.31
  • npm@posthog/rrweb-record
    0.0.31
  • npm@posthog/rrweb-replay
    0.0.19
  • npm@posthog/taxonomy-plugin
    0.0.8
  • npm@posthog/twitter-followers-plugin
    0.0.8
  • npm@posthog/variance-plugin
    0.0.8
  • npm@posthog/web-dev-server
    1.0.5
  • npm@posthog/wizard
    1.18.1
  • npm@postman/aether-icons
    2.23.22.23.32.23.4
  • npm@postman/csv-parse
    4.0.44.0.5
  • npm@postman/final-node-keytar
    7.9.17.9.27.9.3
  • npm@postman/mcp-ui-client
    5.5.15.5.25.5.3
  • npm@postman/node-keytar
    7.9.47.9.57.9.6
  • npmposthog-react-native
    4.11.14.12.5
  • npm@postman/pm-bin-macos-arm64
    1.24.31.24.41.24.5
  • npm@postman/pm-bin-macos-x64
    1.24.31.24.41.24.5
  • npm@postman/pm-bin-windows-x64
    1.24.31.24.41.24.5
  • npm@postman/postman-collection-fork
    4.3.34.3.44.3.5
  • npm@postman/postman-mcp-cli
    1.0.31.0.4
  • npm@postman/postman-mcp-server
    2.4.112.4.12
  • npm@postman/pretty-ms
    6.1.16.1.26.1.3
  • npm@postman/secret-scanner-wasm
    2.1.22.1.32.1.4
  • npm@postman/tunnel-agent
    0.6.50.6.6
  • npm@postman/wdio-allure-reporter
    0.0.70.0.80.0.9
  • npm@postman/wdio-junit-reporter
    0.0.40.0.50.0.6
  • npm@zapier/ai-actions
    0.1.19
  • npm@zapier/ai-actions-react
    0.1.120.1.13
  • npm@zapier/babel-preset-zapier
    6.4.2
  • npm@zapier/browserslist-config-zapier
    1.0.4
  • npm@zapier/eslint-plugin-zapier
    11.0.311.0.4
  • npm@zapier/mcp-integration
    3.0.13.0.2
  • npm@zapier/secret-scrubber
    1.1.4
  • npm@zapier/spectral-api-ruleset
    1.9.2
  • npm@zapier/stubtree
    0.1.20.1.3
  • npm@zapier/zapier-sdk
    0.15.50.15.6
  • npmposthog-docusaurus
    2.0.6
  • npmposthog-js
    1.297.3
  • npmposthog-node
    4.18.15.11.35.13.3
  • npm@asyncapi/specs
    6.10.16.8.26.8.3
Community-driven supply-chain breach intel.A project from Aztecknology.