Shai-Hulud Worm Reloaded: A New Wave of NPM Supply Chain Attacks and How InvisiRisk Stops It
Shai-Hulud Worm Reloaded: A New Wave of NPM Supply Chain Attacks and How InvisiRisk Stops It Date of Attack: November 21-23, 2025. Impact: More than 800 NPM packages and 25,000 GitHub repositories were affected. The software supply chain has come under attack once again. Between November 21-23, the Shai-Hulud worm returned in a more aggressive […]
Shai-Hulud NPM Worm Attack: Overview and InvisiRisk Protection
Shai-Hulud NPM Worm Attack: Overview and InvisiRisk Protection A novel self-propagating malware strain dubbed the Shai-Hulud worm has recently infected hundreds of JavaScript (NPM) packages. Security researchers report that at least 187 NPM packages are known to have been compromised and the damage caused by this threat is suspected of impacting more than 500 packages […]