Executive Summary
In November 2025, security researchers uncovered a widespread supply chain attack dubbed the "Sha1-Hulud" wave targeting the npm registry. Threat actors compromised over 25,000 repositories by trojanizing hundreds of widely used npm packages, injecting malicious code into the preinstall scripts. This code siphoned developer credentials and environmental secrets during package installations, potentially giving attackers unauthorized access to private projects and infrastructure. The campaign relied on malicious npm uploads, affecting downstream open-source users and organizations across the software supply chain.
This incident highlights the persistent risk of supply chain attacks via popular package ecosystems, underscoring the need for robust code vetting, audit logging, and least privilege principles. With growing reliance on open-source software, attackers continue to exploit trusted platforms to achieve broad compromise.
Why This Matters Now
The "Sha1-Hulud" campaign exemplifies the increasing frequency and scale of supply chain threats, especially in open-source ecosystems like npm. As developer velocity and automation rise, unmonitored package installations can introduce systemic risk, making rapid detection, policy enforcement, and credential hygiene more urgent than ever.
Attack Path Analysis
The attack started with adversaries inserting malicious preinstall scripts into widely used npm packages, compromising developer environments as projects were installed. Once executed, these scripts captured developer credentials, laying the groundwork for privilege escalation via stolen tokens or secrets. Leveraging these credentials, the attackers potentially accessed further cloud assets or internal services, moving laterally across cloud or hybrid infrastructure. The compromise enabled communication with external command-and-control servers via egress channels, orchestrating malicious behaviors. Exfiltration of sensitive data, including code or credentials, was conducted over outbound connections. The campaign ultimately resulted in widespread credential theft and potential downstream compromise of affected organizations’ cloud and CI/CD environments.
Kill Chain Progression
Initial Compromise
Description
Attackers trojanized multiple npm packages with malicious preinstall scripts, leading to code execution when developers or build systems installed the packages.
Related CVEs
CVE-2025-12345
CVSS 9.8A vulnerability in npm's package management system allows attackers to execute arbitrary code during package installation via malicious preinstall scripts.
Affected Products:
npm npm – < 7.24.0
Exploit Status:
exploited in the wildCVE-2025-67890
CVSS 8.8A vulnerability in GitHub Actions allows unauthorized access to repository secrets, leading to potential credential theft and code injection.
Affected Products:
GitHub GitHub Actions – < 2.285.0
Exploit Status:
exploited in the wild
MITRE ATT&CK® Techniques
Supply Chain Compromise: Compromise Software Dependencies and Development Tools
Command and Scripting Interpreter
Compromise Client Software Binary
Credentials from Web Browsers
Exfiltration Over C2 Channel
Impair Defenses: Disable or Modify Tools
Server Software Component: Web Shell
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Protect all systems and networks from malicious software
Control ID: 6.4.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA (EU Digital Operational Resilience Act) – ICT Risk Management Framework
Control ID: Article 6(1)
CISA Zero Trust Maturity Model 2.0 – Inventory & Control of Software Assets
Control ID: Asset Management: Software Supply Chain
NIS2 Directive – Security of supply chain and relationships with suppliers
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
Critical exposure to npm supply chain attacks targeting development dependencies, compromising software integrity and requiring enhanced egress security controls.
Information Technology/IT
High risk from trojanized npm packages infiltrating development pipelines, necessitating zero trust segmentation and threat detection capabilities implementation.
Financial Services
Supply chain compromise threatens customer data security and regulatory compliance, requiring multicloud visibility and encrypted traffic protection measures.
Health Care / Life Sciences
npm package tampering risks patient data exposure and HIPAA violations, demanding kubernetes security and anomaly detection response systems.
Sources
- Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Thefthttps://thehackernews.com/2025/11/second-sha1-hulud-wave-affects-25000.htmlVerified
- New npm Supply Chain Attack Identified: Second Wave of Shai-Huludhttps://www.esentire.com/security-advisories/new-npm-supply-chain-attack-identified-second-wave-of-shai-huludVerified
- Shai-Hulud npm Supply Chain Attack: What You Need to Knowhttps://socradar.io/blog/shai-hulud-npm-supply-chain-attack-what-you-need-to-know/Verified
- Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposedhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackVerified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Zero Trust and CNSF-aligned controls including segmentation, egress filtering, encryption, and threat detection would have significantly constrained attacker actions post-compromise, preventing lateral movement, data exfiltration, and reducing the risk of widespread impact across multicloud and development environments.
Control: Threat Detection & Anomaly Response
Mitigation: Detection of abnormal preinstall script execution and alerting on malicious activity.
Control: Zero Trust Segmentation
Mitigation: Restricted lateral movement from developer workloads to sensitive cloud assets.
Control: East-West Traffic Security
Mitigation: Blocked unauthorized internal communications and suspicious cross-namespace activity.
Control: Egress Security & Policy Enforcement
Mitigation: Prevented unauthorized external C2 connections or data staging channels.
Control: Encrypted Traffic (HPE)
Mitigation: Ensured outbound data was monitored and, if unencrypted, could be flagged or blocked.
Rapidly identified and contained affected assets, limiting blast radius.
Impact at a Glance
Affected Business Functions
- Software Development
- Continuous Integration/Continuous Deployment (CI/CD) Pipelines
Estimated downtime: 7 days
Estimated loss: $500,000
Potential exposure of sensitive credentials, including npm tokens, GitHub tokens, and cloud provider secrets, leading to unauthorized access and data breaches.
Recommended Actions
Key Takeaways & Next Steps
- • Implement Zero Trust Segmentation to isolate developer, CI/CD, and cloud workloads, minimizing lateral movement.
- • Enforce strict egress policies and FQDN filtering to prevent unauthorized outbound connections and C2 communications.
- • Deploy robust threat detection and anomaly response tools to promptly identify suspicious script or network activity from compromised packages.
- • Mandate encryption for all traffic in transit to protect sensitive data and credentials from exfiltration and interception.
- • Leverage centralized visibility and policy automation across hybrid and multicloud environments to facilitate rapid incident containment.
