Shai Hulud is a malware family tracked across 13 threat clusters and 21 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity June 4, 2026.
The TeamPCP threat group has expanded its supply chain attack campaign, compromising the Microsoft DurableTask Python client with versions v1.4.1, v1.4.2, and v1.4.3 found to contain a credential-stealing worm. This…
The Glassworm botnet, which has targeted software developers since early 2025, was taken down in a coordinated operation by CrowdStrike, Google, and the Shadowserver Foundation on May 26, 2026. This botnet utilized…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
The Shai Hulud worm has compromised more than 26,000 public repositories in a supply chain attack. The attack targeted various npm packages, exploiting vulnerabilities that allowed unauthorized access to these…
The Shai Hulud malware has been identified as a significant threat in NPM supply chain attacks, turning developers into unwitting distributors of malicious code. This malware typically executes during npm install…
Aikido Security has identified a third variant of Shai Hulud, which poses risks to the security of the open source supply chain. This discovery follows previous variants and highlights ongoing vulnerabilities in…
eSentire reported a significant rise in account compromises in 2025, with email-led intrusions linked to credential theft. The research, based on data from over 2,000 customers, indicated that account compromise…
Researchers have identified a modified variant of the Shai Hulud malware that has been embedded in npm packages. This new strain shows significant changes from the original version, indicating that threat actors are…
The Open VSX registry faced a supply chain attack after access tokens were leaked, allowing threat actors to publish malicious extensions. The GlassWorm malware campaign has returned with new extensions targeting…
The Shai Hulud malware has evolved, with a new variant impacting over 25,000 repositories and hundreds of npm packages. This malware campaign automates attacks on developer environments, affecting a significant number…