Shai-Hulud in npm: what it means for NHI governance

TL;DR: The second Shai-Hulud campaign weaponised trojanised npm packages to steal developer tokens, CI/CD secrets, cloud metadata, and GitHub access while spreading through compromised maintainer accounts, affecting more than 25,000 repositories and 425 packages with roughly 132 million monthly downloads, according to Orca Security. Package trust is no longer just a code-review problem; install-time execution, maintainer tokens, and pipeline identity controls now define the real blast radius.

NHIMG editorial — based on content published by Orca Security covering the Shai-Hulud npm supply chain campaign: LLMjacking-inspired credential abuse and package compromise analysis

By the numbers:

• In some bursts, about 1,000 new repositories were being added every 30 minutes.

Questions worth separating out

Q: What breaks when a malicious npm package can run install-time scripts?

A: The trust boundary breaks at the point of installation, because the package is no longer just a dependency.

Q: Why do compromised maintainer tokens create more risk than a single bad package?

A: A compromised maintainer token turns registry trust into a propagation path.

Q: How can security teams tell whether secret exposure from package installs is contained?

A: Containment is real only when exposed credentials are revoked, replacement identities are least privileged, and the build and repository estate has been searched for persistence markers.

Practitioner guidance

• Inventory package publishing identities Identify every npm publishing token, GitHub credential, and automation identity that can publish to your registries.
• Disable or constrain install-time scripts Review whether preinstall and postinstall hooks are necessary in your environments.
• Rotate and revoke exposed secrets immediately Treat any exposed npm, GitHub, or cloud credential as compromised until proven otherwise.

What's in the full article

Orca Security's full blog post covers the operational detail this post intentionally leaves for the source:

• A full package-by-package appendix of the compromised npm ecosystem and affected namespaces.
• The specific install-stage payload files and workflow artefacts used to establish persistence and exfiltration.
• Detailed remediation guidance for cache cleanup, dependency rebuilds, and token rotation across developer and CI/CD identities.
• Infrastructure indicators such as suspicious branch names, runner registration patterns, and artifact handling behaviour.

👉 Read Orca Security's analysis of the Shai-Hulud npm supply chain campaign →

Shai-Hulud in npm: what it means for NHI governance?

Explore further

View Full Forum →  |  NHI Foundation Course →