SHA1-Hulud, npm supply chain incident

November 24, 2025

On November 24th, 2025, we identified a new supply chain attack in the npm ecosystem, referred to as SHA1-Hulud. We believe this is a second wave of the Shai-Hulud attack, which occurred in September 2025.

Snyk will continue monitoring this active incident until it is resolved. Updates on this incident will be on our trust center.

What is it?

SHA1-Hulud is a self-propagating worm that can infiltrate affected machines and execute attacker-controlled actions on them. As of the publication of this blog, Snyk has identified over 600 distinct impacted npm packages, including popular packages from Zapier, Posthog, and Postman. We expect this number to grow over time as more packages are infected and discovered.

How does it work?

The SHA1-Hulud worm spreads through trojanized npm packages that contain hidden preinstall scripts. When a developer or CI system installs one of these packages, the script runs automatically and deploys a payload that turns the compromised machine into an attacker-controlled GitHub Actions self-hosted runner. From there, the worm silently injects malicious workflows into repositories, enabling remote command execution and automated exfiltration of GitHub and npm secrets. It also searches the infected system for cloud credentials from AWS, Azure, and GCP—allowing the attacker to potentially compromise a broader set of targets, including source code repositories, CI/CD pipelines, and cloud infrastructure. Snyk has also received reports of sensitive user data from compromised developers being uploaded to GitHub repositories.

How is Snyk responding to this incident?

Snyk is automatically re-testing all our monitored customer assets to identify affected customers and will proactively notify them. We are also monitoring the set of affected packages and will update our vulnerability databases and Customized Zero-Day Incident Report as this evolves.

Updates on this incident will be posted on our trust center.

Update

Nov 24, 2025 - 3:30pm EST

As we further investigate the SHA1-Hulud worm, we have observed some notable characteristics.

As mentioned previously, the worm attempts to harvest credentials on the developer or CI/CD system to access other repositories and spread itself. If credential harvesting is unsuccessful, SHA1-Hulud escalates further by attempting container breakouts and privilege escalation to access the host directly. Some variants even act as a wiper, deleting the user's home directory as a destructive fallback. The worm's ability to automatically propagate through package installations, CI pipelines, and cloud environments makes it a uniquely dangerous supply-chain threat, turning each new victim into a platform for further infection.

Compared to Shai-Hulud

The original Shai-Hulud campaign was one of the first large-scale npm supply-chain worms that spread via malicious packages containing hidden lifecycle scripts. It infected developers and CI systems, attempted to steal GitHub secrets, and used automated workflows to propagate itself. In many ways, it established the playbook: abusing npm's preinstall hook, compromising GitHub repositories, and pivoting into cloud environments through stolen credentials.

SHA1-Hulud is essentially the next, more advanced generation of that idea. It uses the same core infection vector (trojanized npm packages with auto-executing scripts) but significantly expands the attack. It uses more advanced GitHub workflows for persistence and secret exfiltration, spreads faster by turning compromised machines into rogue CI runners, targets credentials across all major cloud providers, and even includes destructive fallback behavior that can wipe a user's home directory. In short, SHA1-Hulud builds on the original Shai-Hulud's techniques but turns them into a broader, more automated, and more damaging worm.

What next?

A pattern is emerging where some of the standard techniques of binary malware cloaking are being used to make these new software supply chain attacks more evasive, harder to stop, and more dangerous.

Review our comprehensive list of npm packages affected by the SHA1-Hulud npm supply chain incident to determine whether your projects are impacted.
