Sandworm in the Supply Chain: How the Shai-Hulud npm Attack Exposed NHI Risks

Read full article from CyberArk here:  https://www.cyberark.com/resources/all-blog-posts/sandworm-in-the-supply-chain-lessons-from-the-shai-hulud-npm-attack-on-developer-and-machine-identities/?utm_source=nhimg

The Shai-Hulud attack in September 2025 marked one of the most significant supply chain incidents in recent memory, targeting both human and machine identities across the npm ecosystem. Named after the colossal sandworm of Frank Herbert’s Dune, the malware spread like a worm through npm, stealing credentials, API keys, and tokens, and weaponizing compromised developers to propagate malicious updates.

What Happened?

• Compromised Maintainer Accounts: Attackers gained access to over 500 npm packages, likely via phishing, stolen tokens, or reused credentials.

• Poisoned Packages: Malicious payloads like bundle.js staged secret-harvesting tools (TruffleHog), exfiltrated environment variables, configuration files, and cloud credentials.

• Cross-Platform Worm: Linux, macOS, and Windows systems were all targeted, allowing propagation from developer endpoints to CI/CD pipelines.

• Exponential Spread: Within 24 hours, over 180 packages were poisoned, and the malware republished additional high-value packages using stolen maintainer credentials.

The Identity Angle

Shai-Hulud wasn’t just a malware outbreak—it was a perfect storm for identity security, exposing vulnerabilities across three layers:

1. Human Identities: Developer accounts compromised via weak or reused passwords, phishing, or insufficient MFA.

2. Machine Identities: Stolen tokens, API keys, and cloud credentials provided attackers with wide-reaching access.

3. Software Identities: Trusted packages were hijacked and weaponized, highlighting the need for signed and verifiable releases.

Attack Vectors and Immediate Mitigations

• Phishing & Spear-Phishing: Enforce phishing-resistant MFA and train maintainers.

• Leaked Tokens & Secrets: Rotate keys frequently, apply least privilege, and monitor repositories and CI logs.

• Credential Stuffing & Reuse: Require unique passwords through SSO with enforced MFA.

• Compromised Workstations or CI Pipelines: Harden endpoints, isolate build agents, and use ephemeral secrets.

• Third-Party App Abuse & Session Theft: Audit app permissions, enforce token binding, and monitor for anomalous activity.

Lessons Learned for Identity-First Security

• Secure Developer Accounts: SSO, MFA, and anomaly monitoring are critical.

• Lock Down Secrets: Vault credentials, rotate keys, and enforce least privilege.

• Harden CI/CD Pipelines: Sign builds, review workflows, and audit access.

• Manage Dependencies: Use internal package proxies, scan packages, and maintain a software bill of materials (SBOM).

• Plan Incident Response: Prepare playbooks, rotate secrets rapidly, and leverage threat intelligence feeds.

• Embrace Zero Trust in Dev Environments: Containers, sandboxes, and ephemeral environments reduce risk exposure.

Key Takeaway

Shai-Hulud demonstrates that identity is the last-standing perimeter in modern software supply chains. Protecting developers, machine credentials, and package trust relationships is essential to prevent supply chain attacks. Organizations must adopt identity-centric security practices, including least privilege, vaulting, monitoring, and signed packages, to stop the next worm before it burrows into your infrastructure.

“It’s not ‘Can we trust this code?’ but ‘How do we trust and verify the identity of every user, every commit, and every secret?’”

With the right identity-first strategy, supply chain threats become manageable—and preventable.