I am sure you have heard about the recent supply chain attack on npm packages. Many news outlets and blogs are explaining the attack and the immediate and intermediate actions you can take to mitigate and prevent falling victim to this attack. If you are already affected, there are some recommendations you should follow.
For those who don’t know about this attack, the malicious packages contain a worm that activates after npm installation, scanning the environment for sensitive credentials such as .npmrc files, environment variables, and config files targeting GitHub PATs and cloud API keys (AWS, GCP, Azure). These credentials are exfiltrated to an attacker-controlled endpoint. The malware creates a public GitHub repository named "Shai-Hulud" under the victim's account to host stolen secrets. It also uses the compromised npm token to access the npm registry, infect other packages maintained by the developer, and publish malicious updates, enabling rapid, autonomous spread.
The basic steps to prevent this include following cautious procedures before npm installation, such as verifying all dependencies in your package and package-lock files, whether in your local development environment or your CI/CD pipelines, and enforcing MFA on your GitHub and npm accounts. If compromised, check your GitHub repositories for the presence of the Shai-Hulud repository and exposed public tokens.
Npm safe check
While there are general recommendations, if you are affected by the malware, you may need some detailed steps and guidance. During my internet search, I found several good detailed guidelines, like the blogs from Socket and StepSecurity, and tried to consolidate all those points. I also looked for a database of all the identified vulnerabilities and didn’t find a ready-to-use format, so I created a JSON file here. Additionally, I developed a ready-to-use script in a repository that you can run locally or in your CI/CD pipelines to check the installed packages against the list of vulnerable ones. It can also be run before the next install to verify whether the packages you're about to install are safe. While the list may grow in the future, npm installations should be performed with caution. For example, run npm ci with the --ignore-scripts flag to prevent any post-installation script execution from unknown vulnerable packages.
The npmSafeCheck repository provides a script to check for known malicious npm packages (e.g., those related to the Shai-Hulud supply chain attack) before installing or upgrading dependencies. It also detects whether any compromised packages are already installed in your project. It helps mitigate the risk of supply chain attacks by verifying package versions against a list of compromised packages identified as of 20th Sept 2025.
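The version check described above, sketched as an added example (not the npmSafeCheck repository's own script): it walks a package-lock.json in both the v1 and v2/v3 layouts and reports exact name@version matches, including nested copies. The checklist shape and every package name and version in it are constructed for illustration.

```javascript
// Added example. Checklist shape ({ name: [versions] }) and all names/versions
// below are constructed; they are not the repository's JSON format or real advisories.

// Package name from a lockfile v2/v3 "packages" key, e.g.
// "node_modules/a/node_modules/@scope/b" -> "@scope/b".
function nameFromPath(path) {
  const idx = path.lastIndexOf("node_modules/");
  return idx === -1 ? null : path.slice(idx + "node_modules/".length);
}

// Collect every locked {name, version, path}, covering both lockfile layouts.
function listLockedPackages(lock) {
  const found = [];
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = meta.name || nameFromPath(path);
    if (name && meta.version) found.push({ name, version: meta.version, path });
  }
  if (found.length > 0) return found;
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (meta.version) found.push({ name, version: meta.version, path });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return found;
}

// Locked packages whose exact version is on the checklist (transitive ones too).
function findCompromised(lock, checklist) {
  const listed = (p) => Object.prototype.hasOwnProperty.call(checklist, p.name);
  return listLockedPackages(lock).filter((p) => listed(p) && checklist[p.name].includes(p.version));
}

// Constructed sample data.
const sampleChecklist = { "example-bad-pkg": ["4.1.1", "4.1.2"], "@example/infected": ["1.0.5"] };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "node_modules/example-bad-pkg": { version: "4.1.0" },
    "node_modules/left/node_modules/example-bad-pkg": { version: "4.1.2" },
    "node_modules/@example/infected": { version: "1.0.5" },
  },
};
console.log(findCompromised(sampleLock, sampleChecklist).map((p) => `${p.name}@${p.version} (${p.path})`));
```

Matching on the lockfile rather than package.json matters because a compromised version usually arrives as a transitive dependency that never appears in your own manifest.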
Usage
- Clone this repository or download the npmSafeCheck.sh script and npmMalwareChecklist.json file.
- Place the script and JSON file in your project root directory.
- Run the script BEFORE executing npm install or npm update:
sh npmSafeCheck.sh
or you can run it as an npm script by adding the following to your package.json:
"scripts": {
  "safe-check": "sh npmSafeCheck.sh"
}
If the script detects any known malicious packages, it will flag and provide guidance on mitigation steps.
You can also refer to a database of known compromised packages instead of the local JSON file.
An example of how to integrate this script into a CI/CD pipeline is provided in the .github/workflows/ci.yml file.
Immediate actions guidance
If you have already installed or upgraded packages and suspect that your project may be affected by the Shai-Hulud attack, take the following immediate actions:
- Delete node_modules and lockfiles having malicious versions
rm -rf node_modules package-lock.json yarn.lock
- Clean npm cache
npm cache clean --force
- Do a dry run to check what packages will be installed; this will not run any install scripts but will show what packages will be installed
npm install --dry-run --ignore-scripts
- Reinstall safe packages only, using npm install with the --ignore-scripts flag
npm install --ignore-scripts <safe-package>@<safe-version>
Avoid commands like npm audit fix and npm upgrade, as they also install packages under the hood.
- Pin to known-good versions using package-lock.json and use npm ci for future installs
npm ci --ignore-scripts
- Search for repos, workflows or branches named Shai-Hulud in your public GitHub repositories, and for indicators of compromise such as the bundle.js hash, suspicious network calls, function calls or process executions.
- Clean infected repositories ('shai-hulud' branches and workflows). Referenced from: https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised#immediate-actions-required
# Check for and remove the backdoor workflow
rm -f .github/workflows/shai-hulud-workflow.yml
# Look for suspicious 'shai-hulud' branches in all repositories
git ls-remote --heads origin | grep shai-hulud
# Delete any malicious branches found
git push origin --delete shai-hulud
- Audit environments (CI/CD agents, developer laptops) that installed the affected versions for unauthorized publishes or credential theft.
- Rotate npm tokens and other exposed secrets if these packages were present on machines with publishing credentials.
- Turn on multifactor authentication on GitHub and npm.
- Audit Cloud Infrastructure for Compromise
- Monitor network logs for active exploitation.
- Monitor logs for unusual npm publish or package modification events.
- Verify Package provenance https://docs.npmjs.com/viewing-package-provenance, https://github.blog/security/supply-chain-security/introducing-npm-package-provenance/
Further guidance and references: https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised#immediate-actions-required
https://socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-again
Other preventive solutions I found are https://www.npmjs.com/package/@aikidosec/safe-chain and https://github.com/danielroe/provenance-action.
I am curious to know what more the developer community is doing to mitigate and prevent this, and how they are doing it.