TL;DR: Shai Hulud 2.0 affected 1,195 organizations and left valid cloud and CI credentials usable more than 72 hours after disclosure, according to Entro researchers who analysed over 30,000 attacker-controlled repositories. The incident shows that CI pipelines, developer endpoints, and cloud runners now behave like NHI compromise surfaces, not just code storage.
NHIMG editorial — based on research published by Entro Security.
By the numbers:
- Entro researchers tied exfiltrated data to 1,195 organizations across banks, governments, healthcare, and Fortune 500 tech.
- Valid cloud and CI credentials were still observed more than 72 hours after public disclosure.
Questions worth separating out
Q: How should security teams reduce risk from secrets in CI environments?
A: They should minimise the number of long-lived credentials available to build jobs, use short-lived scoped tokens where possible, and treat runners as privileged systems.
Q: Why are runtime environments riskier than repository scans for NHI governance?
A: Because runtime environments can expose secrets that never touch a repository.
Q: What is the difference between secrets exposure and credential reuse risk?
A: Secrets exposure is the moment a token, key, or certificate becomes visible to an attacker.
Practitioner guidance
- Restrict secrets in build and test environments: remove broad cloud, SaaS, and collaboration tokens from CI jobs wherever possible, and replace them with narrowly scoped, short-lived credentials.
- Add runtime revocation workflows for exposed credentials: when a pipeline compromise is suspected, trigger immediate validation, rotation, and owner notification for every secret used by that workflow.
- Classify CI runners as privileged NHI workloads: inventory runners, endpoint automation, and build agents as managed identities with owners, scopes, and review cadences.
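One way to turn the first and third guidance points into a repeatable check, as an added example that is not Entro's or NHIMG's code: a small audit that reads a GitHub Actions-style workflow (the page names no CI system; that choice, the credential name list and the sample workflow are assumptions) and reports which jobs still run on long-lived credential references instead of an OIDC-issued short-lived token.

```python
import re
# Secret names that conventionally hold long-lived, broadly scoped credentials
# (assumed list; extend it for your own naming conventions).
LONG_LIVED = re.compile(r"^(AWS_ACCESS_KEY_ID|AWS_SECRET_ACCESS_KEY|GCP_SA_KEY|"
                        r"AZURE_CLIENT_SECRET|NPM_TOKEN|SLACK_TOKEN|GH_PAT)$", re.I)
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}")
OIDC_GRANT = re.compile(r"^id-token:\s*write$")
# Constructed sample: one job on static AWS keys, one on OIDC role assumption.
SAMPLE_WORKFLOW = """\
on: [push]
jobs:
  deploy-legacy:
    steps:
      - run: aws s3 sync dist/ s3://example-bucket
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  deploy-oidc:
    permissions:
      id-token: write
    steps:
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/ci-deploy
      - run: aws s3 sync dist/ s3://example-bucket
"""

def audit_workflow(text):
    """Per job id: long-lived secrets it references and whether it requests an
    OIDC id-token. Line-based parse; two-space job indentation assumed."""
    jobs, current, in_jobs = {}, None, False
    for line in text.splitlines():
        stripped, indent = line.strip(), len(line) - len(line.lstrip())
        if indent == 0 and stripped:                 # new top-level key
            in_jobs, current = stripped == "jobs:", None
        elif in_jobs and indent == 2 and stripped.endswith(":"):
            current = stripped[:-1]                  # new job id
            jobs[current] = {"long_lived": [], "oidc": False}
        elif current is not None:
            if OIDC_GRANT.match(stripped):
                jobs[current]["oidc"] = True
            for name in SECRET_REF.findall(line):
                if LONG_LIVED.match(name) and name not in jobs[current]["long_lived"]:
                    jobs[current]["long_lived"].append(name)
    return jobs

def risky_jobs(text):
    """Job ids still running on long-lived credentials: rotate and replace first."""
    return sorted(j for j, i in audit_workflow(text).items() if i["long_lived"])
```

Run it over every workflow file in a repository to build the inventory of jobs whose credentials need an owner, a scope and a rotation plan.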
With 64% of the valid secrets leaked in 2022 still valid and exploitable today, according to The State of Secrets Sprawl 2026, the remediation gap is now a governance signal in its own right.
👉 Read Entro's analysis of Shai Hulud 2.0 and compromised NHI environments →
A few things worth adding from our research at NHI Mgmt Group.
Shai Hulud 2.0 is not primarily a repository story; it is an identity lifecycle story. The attacker-controlled repos were a collection layer, not the core asset at risk. The real exposure sat in CI runners, developer machines, and cloud-connected environments where live NHI secrets could be harvested and reused. That distinction matters because governance built around source control alone will miss the most dangerous part of the attack path. Practitioners should treat execution environments as first-class identity surfaces.
A few things that frame the scale:
- 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded, according to The State of Secrets Sprawl 2026.
- AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.
A question worth separating out:
Q: When should organisations rotate credentials after a supply chain incident?
A: They should rotate immediately when there is a credible chance that build, endpoint, or cloud execution paths were exposed. Rotation should not wait for perfect attribution, because modern supply chain attacks can harvest secrets fast and use them before teams finish investigation.
👉 Read our full editorial: Shai Hulud 2.0 turned CI environments into NHI compromise paths