Worm in the Code: npm Supply Chain Attack Compromises 40+ Packages

A major supply chain attack has been uncovered in the npm ecosystem, where more than 40 widely used packages were found compromised. The campaign, powered by a self-replicating malware dubbed “Shai-Hulud”, is actively spreading and exfiltrating sensitive credentials. Developers and organizations using npm must take immediate action to secure their environments.


Vulnerability Details

The attack leverages a worm-like payload injected into legitimate npm packages. Once installed, the malware scans for developer and CI/CD secrets such as GitHub and npm tokens, then uses them to publish further malicious package versions. This self-propagating mechanism allows the compromise to spread quickly across the ecosystem, making it one of the most severe npm incidents to date.

The worm also creates malicious GitHub Actions workflows in compromised repos, enabling persistence and continuous theft of new secrets. This turns every infected maintainer into a new attack vector.


Affected Products

The Shai-Hulud attack has compromised over 180 npm packages across a wide range of popular and critical libraries used in JavaScript development. This widespread compromise impacts development environments on Windows, Linux, and macOS. Below are some of the most notable packages affected:

  • @ctrl/tinycolor: A popular color manipulation library with millions of weekly downloads; one of the earliest infected packages and a major vector for spreading the malware.
  • koa2-swagger-ui: Used for API documentation in the Koa2 framework; trojanized versions executed the malicious payload.
  • json-rules-engine-simplified: Provides decision automation and business-logic capabilities; now a vector for automated malware spread.
  • @nativescript-community/ui-material-core (and related packages): Mobile UI component libraries compromised, affecting cross-platform mobile app development.
  • ngx-toastr: Widely used Angular notification library, infected so that the worm reaches front-end ecosystems.
  • react-complaint-image: A React component that was also compromised, showing that the attack reaches UI and front-end packages.

Each of these packages was modified to include a malicious post-install script that automatically runs on install, harvesting secrets such as GitHub and npm tokens, credentials to cloud services, and CI/CD environment variables. Using these stolen credentials, the malware autonomously pushed infected updates to other packages under the control of the compromised maintainers, allowing rapid self-propagation.


Mitigation & Remediation

Given the active exploitation, immediate mitigation is critical:

  • Remove malicious package versions from your projects.
  • Rotate all developer and CI/CD tokens (GitHub PATs, npm tokens, cloud keys).
  • Audit repositories for unauthorized GitHub Actions workflows.
  • Patch build environments and restrict long-lived tokens.

npm maintainers should also review publishing rights and reset access credentials to prevent further abuse.
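As an added example (not code from the advisory or from any affected project), the following Node script shows one way to start the first step above: it walks a package-lock.json `packages` map for entries whose name is on the affected list, and lists the install-time lifecycle hooks in a package.json, since that is where the post-install payload runs. The affected-name list is only what this advisory names and matching is by name only, so every hit must be checked against the full published list of affected versions; the lockfile and package.json inputs are constructed samples.

```javascript
// Added example, not from the advisory. Assumption: AFFECTED_NAMES holds only
// the packages this advisory names; a real run needs the full published list
// with affected versions, so a hit here means "verify and pin", not "confirmed".
const AFFECTED_NAMES = [
  "@ctrl/tinycolor", "koa2-swagger-ui", "json-rules-engine-simplified",
  "@nativescript-community/ui-material-core", "ngx-toastr", "react-complaint-image",
];
// Lifecycle hooks npm runs automatically during `npm install`.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// "node_modules/foo/node_modules/@scope/bar" -> "@scope/bar"
function nameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? lockPath : lockPath.slice(idx + marker.length);
}

// Walk a lockfile v2/v3 `packages` map (nested copies included) and return
// every entry whose package name is on the affected list.
function findAffectedPackages(lock, affectedNames = AFFECTED_NAMES) {
  const affected = new Set(affectedNames);
  const hits = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // root project entry, not a dependency
    const name = nameFromLockPath(lockPath);
    if (affected.has(name)) hits.push({ name, version: entry.version, path: lockPath });
  }
  return hits;
}

// Return the install-time hooks a package.json declares; these run on every
// install, which is exactly where a trojanized package places its payload.
function findInstallScripts(pkgJson) {
  const scripts = (pkgJson && pkgJson.scripts) || {};
  const found = {};
  for (const hook of INSTALL_HOOKS) {
    if (typeof scripts[hook] === "string") found[hook] = scripts[hook];
  }
  return found;
}

// Constructed sample inputs (not real data) so the check runs stand-alone.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/ngx-toastr": { version: "0.0.0-sample" },
  "node_modules/express": { version: "4.0.0" },
  "node_modules/foo/node_modules/@ctrl/tinycolor": { version: "0.0.0-sample" },
} };
const SAMPLE_PKG = { name: "sample", scripts: { test: "jest", postinstall: "node hook.js" } };
console.log(findAffectedPackages(SAMPLE_LOCK), findInstallScripts(SAMPLE_PKG));
```

To run it against a real project, replace the samples with `JSON.parse(fs.readFileSync("package-lock.json"))` and the package.json of each dependency under node_modules.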


Tactics, Techniques, and Procedures (TTPs)

Attackers are exploiting the trust model of package management to execute arbitrary code in developer and CI pipelines.

  • TA0002 – Execution: Malicious code executes when installing infected npm packages.
  • T1203 – Exploitation for Client Execution: Vulnerabilities in developer environments are abused for code execution.
  • T1537 – Exfiltration: Secrets are stolen and uploaded to attacker-controlled infrastructure.

Other Vulnerabilities Addressed

This campaign has drawn attention to broader ecosystem risks. Security firms emphasize the importance of dependency hygiene, ephemeral tokens, and strict CI/CD controls to prevent future supply chain compromises.


Instantly Fix Risks with Saner Patch Management

Saner patch management is a continuous, automated, and integrated software that instantly fixes risks exploited in the wild. The software supports major operating systems like Windows, Linux, and macOS, as well as 550+ third-party applications.

It also allows you to set up a safe testing area to test patches before deploying them in a primary production environment. Saner patch management additionally supports a patch rollback feature in case of patch failure or a system malfunction.

Experience the fastest and most accurate patching software here.