SAP npm Packages Compromised in 'Mini Shai-Hulud' Supply Chain Attack
Executive Summary
On April 29, 2026, a sophisticated supply chain attack targeted SAP's JavaScript and cloud application development ecosystem by compromising several npm packages, including mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, and @cap-js/sqlite@2.2.2. The attackers introduced a preinstall script that downloaded and executed a malicious payload via the Bun JavaScript runtime, enabling the theft of developer credentials, GitHub and npm tokens, and cloud service secrets. The stolen data was exfiltrated to public GitHub repositories created on the victims' accounts, labeled with the description 'A Mini Shai-Hulud has Appeared.' (thehackernews.com)
This incident underscores the escalating threat of supply chain attacks targeting development environments, particularly within widely-used frameworks like SAP's CAP model. The attack's sophistication, including its ability to propagate through developer workflows and exploit AI coding agent configurations, highlights the need for enhanced security measures in software development pipelines. (thehackernews.com)
Why This Matters Now
The 'Mini Shai-Hulud' attack highlights the increasing sophistication of supply chain threats targeting development environments, emphasizing the urgent need for organizations to implement robust security measures to protect their software supply chains. (thehackernews.com)
Attack Path Analysis
Attackers compromised SAP-related npm packages to distribute credential-stealing malware. Upon installation, the malware executed scripts to exfiltrate sensitive information. The stolen credentials enabled unauthorized access to cloud services, facilitating further exploitation. The malware established command and control channels to receive instructions and exfiltrate data. Exfiltrated data included cloud credentials, service tokens, and private keys. The attack disrupted development environments and posed risks to enterprise applications built on the SAP CAP model.
Kill Chain Progression
Initial Compromise
Description
Attackers injected malicious code into SAP-related npm packages, leading to the distribution of credential-stealing malware upon installation.
MITRE ATT&CK® Techniques
Compromise Software Dependencies and Development Tools
User Execution: Malicious Library
Credentials from Password Stores
Application Layer Protocol
Command and Scripting Interpreter: JavaScript
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure all system components and software are protected from known vulnerabilities
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 6
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
CISA ZTMM 2.0 – Applications and Workloads
Control ID: Pillar 3
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
SAP-related npm package compromise exposes software development pipelines to credential theft through supply chain attacks targeting JavaScript applications and cloud development workflows.
Information Technology/IT
Supply chain attack on SAP npm packages threatens IT infrastructure security through compromised JavaScript libraries, requiring enhanced egress filtering and threat detection capabilities.
Financial Services
Credential-stealing malware in SAP packages poses significant risk to financial institutions using SAP systems, potentially compromising sensitive financial data and regulatory compliance.
Health Care / Life Sciences
Healthcare organizations using SAP applications face HIPAA compliance violations and patient data exposure through compromised npm packages containing credential-harvesting malware.
Sources
- SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attackhttps://thehackernews.com/2026/04/sap-npm-packages-compromised-by-mini.htmlVerified
- Emerging Supply Chain Attack ('Mini Shai-Hulud') Targeting SAP Cloud Application Programming Ecosystemhttps://onapsis.com/blog/sap-cap-mini-shai-hulud-supply-chain-attack/Verified
- TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packageshttps://socket.dev/blog/sap-cap-npm-packages-supply-chain-attackVerified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Aviatrix Zero Trust CNSF is pertinent to this incident as it could likely limit the attacker's ability to move laterally and exfiltrate sensitive data by enforcing strict segmentation and controlled egress policies.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: The CNSF may not directly prevent the initial compromise via malicious npm packages, but it could limit the malware's ability to communicate with other workloads.
Control: Zero Trust Segmentation
Mitigation: Zero Trust Segmentation would likely limit the malware's ability to access unauthorized cloud services, thereby reducing the scope of privilege escalation.
Control: East-West Traffic Security
Mitigation: East-West Traffic Security would likely constrain the attacker's ability to move laterally across cloud services, thereby limiting access to additional resources.
Control: Multicloud Visibility & Control
Mitigation: Multicloud Visibility & Control would likely limit the malware's ability to establish command and control channels, thereby reducing the effectiveness of remote commands.
Control: Egress Security & Policy Enforcement
Mitigation: Egress Security & Policy Enforcement would likely limit the exfiltration of sensitive data to external servers, thereby reducing data loss.
The implementation of CNSF controls would likely reduce the overall impact of the attack by limiting the attacker's ability to escalate privileges, move laterally, and exfiltrate data.
Impact at a Glance
Affected Business Functions
- Software Development
- Continuous Integration/Continuous Deployment (CI/CD) Pipelines
- Cloud Application Management
Estimated downtime: 2 days
Estimated loss: $50,000
Developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud secrets from AWS, Azure, GCP, and Kubernetes.
Recommended Actions
Key Takeaways & Next Steps
- • Implement Zero Trust Segmentation to restrict lateral movement and limit access to critical resources.
- • Enforce Egress Security & Policy Enforcement to monitor and control outbound traffic, preventing unauthorized data exfiltration.
- • Utilize Multicloud Visibility & Control to detect anomalous interactions and repeated malformed requests indicative of compromise.
- • Deploy Threat Detection & Anomaly Response mechanisms to identify and respond to covert tools and remote access attempts.
- • Regularly audit and update software dependencies to mitigate risks associated with supply chain compromises.
