Dune-Inspired Malware Creating Supply Chain Havoc

The Shai-Hulud strain has become a dangerous credential harvesting tool.

Dune Sandworm Grandeduc
istock.com/Gradneduc
October 9, 2025

The Cybersecurity Infrastructure and Security Agency recently offered some guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as “Shai-Hulud”—has compromised over 500 packages.

After gaining initial access, the cyber actor deployed malware that scanned the environment for sensitive credentials. The cyber actor then targeted GitHub Personal Access Tokens (PATs) and application programming interface (API) keys for cloud services, including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. The malware then:

  • Exfiltrated the harvested credentials to an endpoint controlled by the actor.
  • Uploaded the credentials to a public repository named Shai-Hulud via the GitHub/user/repos API.
  • Leveraged an automated process to rapidly spread by authenticating to the npm registry as the compromised developer, injecting code into other packages, and publishing compromised versions to the registry.

CISA urges organizations to implement the following recommendations to detect and remediate this compromise:

  • Conduct a dependency review of all software leveraging the npm package ecosystem.
  • Check for package-lock.json or yarn.lock files to identify affected packages, including those nested in dependency trees.
  • Search for cached versions of affected dependencies in artifact repositories and dependency management tools.
  • Pin npm package dependency versions to known safe releases produced prior to Sept. 16, 2025.
  • Immediately rotate all developer credentials.
  • Mandate phishing-resistant multifactor authentication (MFA) on all developer accounts, especially for critical platforms like GitHub and npm.
  • Monitor for anomalous network behavior, blocking outbound connections to webhook.site domains and monitoring firewall logs for connections to suspicious domains.
  • Harden GitHub security by removing unnecessary GitHub Apps and OAuth applications, and auditing repository webhooks and secrets.
  • Enable branch protection rules, GitHub Secret Scanning alerts, and Dependabot security updates.

Offering additional perspective on the attack were David Linder, CISO at Contrast Security, and Tom Pace, CEO of software supply chain cybersecurity firm NetRise.

"The CISA recommendations are a fantastic starting point, but to truly get ahead of the next threat, you need to build on them with a more proactive defense," offers Linder. "A key part of this is using runtime SCA, which goes beyond predeployment scans by giving you a live, real time view of what third party code is actually executing in your production environment. 

"This provides the ground truth of what's running. Even with that advanced visibility, I can't recommend version pinning enough. It is the most powerful and direct line of defense you have. 

"A critical part of this strategy includes establishing an incubation period, meaning you should intentionally wait before adopting the very latest package updates. This buffer period gives the community time to discover issues, so you're not the first to find a malicious package. 

"By combining an incubation period with explicitly locking in trusted versions, you effectively lock your project's 'front door'. As a final safety net, ensure strong network controls are in place to prevent any code from reaching out to unknown or untrusted locations, containing the potential damage if a compromise ever occurs."

Pace continues, "CISA’s recent alert on the Shai-Hulud compromise in the npm ecosystem captures the evolving nature of software-supply-chain risk. What began as a JavaScript package infection quickly escalated into a credential-harvesting operation. 

"This incident reinforces a critical point: software risk extends far beyond vulnerabilities in code. Misconfigurations, embedded secrets, and insecure cryptographic material are just as dangerous—and often far more easily exploited.

"We believe the npm compromise illustrates why visibility must extend into the compiled software itself, not just the source repositories that describe it. Most SBOMs today are created from source-code manifests. These files capture intent—what developers planned to include. But during compilation and linking, a series of well-understood build-time changes can alter that reality:

  • Dependency resolution: Build tools may choose older or cached versions of libraries based on local environments.

  • Static linking and vendoring: Packages often embed third-party code directly, bypassing dependency managers.

  • Transitive inclusions: Build systems automatically pull in secondary or tertiary packages not listed in manifests.

  • Build-specific flags and optimizations: Compiler options can inline or modify code, introducing functional divergence.

"The result is that source-derived SBOMs often diverge from the software actually shipped and executed. That gap can conceal vulnerabilities, untracked components, or even malicious payloads inserted earlier in the supply chain.

"CISA’s 2025 Minimum Elements for a Software Bill of Materials (SBOM) draft takes important steps toward closing this gap. New elements—Component Hash, Generation Context, and Coverage—move SBOMs closer to describing artifacts rather than aspirations. These changes recognize that the software an organization deploys is not the same as the software defined in source control. 

"In our formal comments to CISA, we urged the agency to go one step further: require validation of every SBOM against the compiled binaries or containers they represent. Only then can agencies or enterprises confirm that a declared SBOM actually matches the operational software.

"Equally important, the npm incident demonstrates that a complete SBOM must describe more than just known vulnerabilities (CVEs). CISA’s alert highlighted how attackers exploited credentials and API keys rather than exploiting a specific CVE. This kind of non-CVE risk—hard-coded secrets, exposed certificates, or weak encryption—rarely appears in conventional SBOMs. Yet these often represent the entry points adversaries use to escalate privileges or move laterally.

"The npm compromise is yet another example of how attackers need not exploit source vulnerabilities when credentials, misconfigurations, and opaque build processes offer easier access. To meet that challenge, the security community must ensure that SBOMs reflect the software we run, not merely the software we write."

Related Stories
FIU cybersecurity researchers developed SHIELD, a real-time defense system against drone hijacking. The research team from L-R: PhD candidate Jean Tonday Rodriguez, undergraduate student Mohammad Kumail Kazmi, lead researcher and associate professor Mohammad Ashiqur Rahman and PhD candidate Muneeba Asif.
Cybersecurity
FIU Cybersecurity Researchers Develop Midflight Defense Against Drone Hijacking
Ep429
Cybersecurity
Jaguar Land Rover Restarts Production; Provides Lifeline to Critical Suppliers
I Stock 2198660010 (1)
Cybersecurity
Jaguar Land Rover Faces 'Real Danger' During Manufacturing Restart
An entrance to the Stargate artificial intelligence data center complex in Abilene, Texas on Monday, Sept. 22, 2025.
Cybersecurity
OpenAI Now Worth $500 Billion, Possibly Making It the World's Most Valuable Startup
More in Cybersecurity
Cybersecurity
Automotive Ransomware Attacks More Than Doubled in 2025
More AI, expanded autonomous technologies and evolving threat actors are elevating cyber risks.
Automobile Cockpit, Various Information Monitors And Head Up Displays
Cybersecurity
SBOM Regs Rolled Back
The two Biden-era memoranda required agencies to obtain software security attestations before deployment.
Us Binary Flag Mirsad Sarajlic
Cybersecurity
Threats Targeting Employee Credentials Surge 389 Percent
Credentials are being stolen in as little as 14 minutes.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
Shadow AI Threats Grow
Productivity pressures are pushing many to bypass safeguards, increasing exposure to data leaks.
Insider Threat Leo Wolfert
Cybersecurity
Report Shows AI-Enabled Threats As Top Concern
AI could help hackers take greater advantage of visibility shortcomings.
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
The Domino Effect of a Data Breach
Here are some strategies to detect breaches faster and limit their capacity for damage.
Coding
Cybersecurity
AI Won’t Replace the Cybersecurity Workforce, But It Will Redefine It
AI is framed as a multi-faceted solution, but the conversation often goes off course.
Ai Your Photo
Cybersecurity
Security Breach: Strengthening Your Weakest Links
All the little things can kill a cybersecurity strategy, but there are ways to tie them all together.
Ep157
Cybersecurity
The Rise of Identity and Data Security Dependency
Predictions on what will shape industrial cybersecurity in 2026 and beyond.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
Securing the Edge in AI-Enabled Smart Factories
Growing data needs have manufacturers between a rock and a hard place.
Sase Supatman
Cybersecurity
How AI Is Transforming Cybersecurity Threats in 2026
Social engineering, deep fakes and more will benefit from the evolution of artificial intelligence.
Deepfake Orhan Turan
Cybersecurity
Inside The Mind of a Hacker
The report details how hackers are moving to a more collaborative, AI-enhanced approach.
General Cyberattack
Page 1 of 55
Next Page