Shai-Hulud 2.0 worm compromises hundreds of npm packages

December 12, 2025

The Shai-Hulud 2.0 attack compromised hundreds of npm packages, revealing a critical visibility gap in modern software stacks.
(Credits: ImageFlow/Shutterstock)

A supply chain attack called Shai-Hulud 2.0 is tearing through the npm ecosystem, compromising hundreds of packages and harvesting credentials from developer environments and CI/CD pipelines. Attackers compromised maintainer accounts from widely used projects like Zapier, PostHog, and Postman, and the worm is also stealing credentials from AWS, Azure, and Google Cloud Platform. Microsoft is calling it “one of the most significant cloud-native ecosystem compromises observed recently.”

This is actually round two. The original Shai-Hulud (clearly a reference to the giant sandworms of Dune, as sci-fi fans will immediately recognize) hit back in September. When companies scrambled to figure out whether they were affected, many of them couldn’t answer that question right away because they didn’t actually know what was running in their environments.

Why are they at a loss for answers? Modern software is built on layers of dependencies, from open-source libraries to vendor components, and most IT pros have no systematic way to track what’s actually in the stack. Add AI-generated code to the mix, and you’ve got software entering your environment with no clear lineage at all.

There are ways to close this supply chain visibility gap, though. Software bills of materials (SBOMs), dependency scanners, and attestation frameworks can give you visibility you’ve never had before. Many IT teams don’t know these capabilities exist, or assume they’re only for big enterprises with dedicated security staff. They’re not.

Why the supply chain visibility gap keeps widening

Ten years ago, a typical application might have had a handful of third-party dependencies. Now it’s often hundreds. According to Gartner research cited by Veracode, 70–90% of a typical application now consists of open-source components and third-party code. That’s not necessarily bad, since reusing well-maintained libraries beats building everything from scratch. But it also means your attack surface extends way beyond what your team directly controls.

Malicious actors are well aware of this, of course. According to Cyble’s research, attacks with supply chain implications have doubled since April 2025, averaging 26 incidents per month. The 2025 Verizon Data Breach Investigations Report (DBIR) found that 30% of breaches now involve a third party, up from 15% before. Attackers can now gain access to thousands of downstream targets just by compromising one widely-used library.

Meanwhile, AI coding tools have introduced a new wrinkle. Whether your company has developers on staff or not, someone is probably using AI to generate code, and that code comes with dependencies nobody has vetted.

Case in point, AI coding tools sometimes recommend packages that don’t actually exist—a phenomenon known as “slopsquatting.” If an attacker registers one of those hallucinated package names and fills it with malicious code, anyone who follows the AI’s suggestion gets compromised. Vibe coding has made it easier than ever for non-technical staff to build useful tools, but it has also created new blind spots that traditional security approaches weren’t designed to catch.

Questions to ask about your supply chain exposure

Before you can close the visibility gap, you need to understand how wide it is. These questions can help you figure out where you stand, whether you’re running a team of ten or holding down the fort solo.

  • Do you know what open-source libraries are running in production? Not just the ones you intentionally installed, but the transitive dependencies (the libraries your libraries depend on). Most vulnerabilities hide several layers deep.
  • When did you last audit the software your vendors provide? That line-of-business application you’ve relied on for years has its own dependencies, and you’re trusting the vendor to keep them updated. Do you know if they’re actually doing that?
  • Is anyone at your company using AI to generate code? This isn’t just a developer question anymore. Business users with access to tools like Replit, Cursor, or even ChatGPT can spin up working scripts without looping in IT. If you don’t know whether it’s happening, assume it is.
  • Could you trace a vulnerable component back to its source if you needed to? When the next Log4j-style vulnerability drops, speed will matter. Companies that can quickly identify affected systems will patch faster and limit damage. Those that can’t will be stuck doing triage by guesswork.
  • What would you do if a critical dependency was compromised tomorrow? If you don’t have a ready answer, you’re not alone. But that’s exactly the gap worth closing while you have the opportunity.

Free and low-cost tools that can close the visibility gap

You don’t need expensive enterprise software to start getting answers to these questions. A few free tools can take you surprisingly far, in fact. A software bill of materials (SBOM) is an inventory of everything that makes up a piece of software. Think of it as a nutrition label for code. It lists components, versions, and where they came from, giving you a foundation for tracking what’s actually in your environment.

SBOMs have been gaining traction since 2021, when a U.S. executive order started requiring them for federal contractors, but you don’t need a government mandate to benefit from them.

CISA and the National Security Agency (NSA), in collaboration with 19 international cybersecurity organizations, released joint guidance outlining a shared global vision of Software Bill of Materials (SBOM) in September 2025. While the guidance is voluntary for the time being, it’s a good indicator of how best practices are evolving in this area.

If you’re running a lean IT operation, the easiest place to start is asking your vendors for SBOMs. If they can’t provide one (or won’t), that tells you something. As Idan Dardikman, CTO of Koi Security and one of the first researchers to identify Shai-Hulud, told Dark Reading, “You can’t protect what you can’t see, and knowing your software supply chain is the first step to securing it.”

You can use these free tools to generate SBOMs for software you build or maintain internally—even simple scripts and automations.

  • Syft (from Anchore) generates SBOMs from container images and filesystems. It’s open source and straightforward to run.
  • Grype scans SBOMs for known vulnerabilities, letting you quickly identify which components need attention.
  • OWASP Dependency-Track is a free platform that lets you ingest SBOMs, monitor for new vulnerabilities, and track your exposure over time.

When it comes to formats, CycloneDX and SPDX are the two standards CISA recognizes, and most tools support both.
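The practical payoff of an SBOM is answering the "could you trace a vulnerable component back to its source?" question from the checklist above in minutes rather than days. The script below is an added example for this article, not code from Anchore, Grype, OWASP, or any other project named here. It parses a CycloneDX JSON document (the shape Syft emits with `-o cyclonedx-json`), checks every component against a list of compromised package versions, and walks the SBOM's dependency graph back to the root application so you can see which direct dependency pulled the bad package in. The embedded SBOM and the advisory list are constructed for illustration; the package names are placeholders, not Shai-Hulud indicators.

```python
"""Match a CycloneDX SBOM against known-compromised package versions and show
the dependency path for each hit.

Added example (not vendor code). The SBOM and advisory below are constructed
by hand; package names are placeholders, not real indicators of compromise.
"""
import json
from collections import deque
from urllib.parse import unquote

# Constructed CycloneDX 1.5 JSON SBOM: one app with a three-deep npm chain.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "metadata": {"component": {"bom-ref": "pkg:npm/internal-app@1.0.0",
                              "type": "application", "name": "internal-app", "version": "1.0.0"}},
  "components": [
    {"bom-ref": "pkg:npm/example-http-client@4.2.0", "type": "library",
     "name": "example-http-client", "version": "4.2.0", "purl": "pkg:npm/example-http-client@4.2.0"},
    {"bom-ref": "pkg:npm/example-utils@2.1.7", "type": "library",
     "name": "example-utils", "version": "2.1.7", "purl": "pkg:npm/example-utils@2.1.7"},
    {"bom-ref": "pkg:npm/example-logger@1.0.3", "type": "library",
     "name": "example-logger", "version": "1.0.3", "purl": "pkg:npm/example-logger@1.0.3"}
  ],
  "dependencies": [
    {"ref": "pkg:npm/internal-app@1.0.0", "dependsOn": ["pkg:npm/example-http-client@4.2.0"]},
    {"ref": "pkg:npm/example-http-client@4.2.0", "dependsOn": ["pkg:npm/example-utils@2.1.7"]},
    {"ref": "pkg:npm/example-utils@2.1.7", "dependsOn": ["pkg:npm/example-logger@1.0.3"]},
    {"ref": "pkg:npm/example-logger@1.0.3", "dependsOn": []}
  ]
}
"""

# Constructed advisory: (ecosystem, package name) -> set of compromised versions.
# In practice this list comes from the vendor or CERT advisory for the incident.
COMPROMISED = {
    ("npm", "example-utils"): {"2.1.7", "2.1.8"},
    ("npm", "example-logger"): {"9.9.9"},
}


def parse_purl(purl: str):
    """Split a package URL into (ecosystem, name, version).

    Handles the encoded npm scoped form pkg:npm/%40scope/name@1.2.3 and drops any
    ?qualifiers or #subpath suffix. Version is "" when the purl has none.
    """
    body = purl[len("pkg:"):] if purl.startswith("pkg:") else purl
    body = body.split("#", 1)[0].split("?", 1)[0]
    ecosystem, _, rest = body.partition("/")
    idx = rest.rfind("@")
    if idx > 0:  # idx == 0 would be an unencoded scope marker, not a version separator
        name, version = rest[:idx], rest[idx + 1:]
    else:
        name, version = rest, ""
    return ecosystem, unquote(name), version


def index_components(sbom: dict) -> dict:
    """Map every bom-ref (root application included) to (ecosystem, name, version)."""
    comps = list(sbom.get("components", []))
    root = sbom.get("metadata", {}).get("component")
    if root:
        comps.append(root)
    refs = {}
    for c in comps:
        if c.get("purl"):
            refs[c["bom-ref"]] = parse_purl(c["purl"])
        else:  # root app usually has no purl; fall back to name/version fields
            refs[c["bom-ref"]] = ("", c.get("name", ""), c.get("version", ""))
    return refs


def parent_map(sbom: dict) -> dict:
    """Invert the CycloneDX dependency graph: child bom-ref -> list of parent bom-refs."""
    parents = {}
    for entry in sbom.get("dependencies", []):
        for child in entry.get("dependsOn", []):
            parents.setdefault(child, []).append(entry["ref"])
    return parents


def path_to_root(parents: dict, ref: str, root: str) -> list:
    """Shortest chain of bom-refs from the root application down to ref (BFS upward)."""
    queue, seen = deque([[ref]]), {ref}
    while queue:
        chain = queue.popleft()
        if chain[-1] == root:
            return list(reversed(chain))
        for p in parents.get(chain[-1], []):
            if p not in seen:
                seen.add(p)
                queue.append(chain + [p])
    return [ref]  # orphan component: not reachable from the root, report it alone


def find_compromised(sbom_json: str, advisory: dict) -> list:
    """Return one record per component whose (ecosystem, name, version) is on the advisory."""
    sbom = json.loads(sbom_json)
    refs = index_components(sbom)
    parents = parent_map(sbom)
    root = sbom["metadata"]["component"]["bom-ref"]
    hits = []
    for ref, (eco, name, version) in refs.items():
        if version in advisory.get((eco, name), set()):
            chain = path_to_root(parents, ref, root)
            hits.append({"name": name, "version": version,
                         "path": [refs[r][1] for r in chain]})
    return sorted(hits, key=lambda h: h["name"])


if __name__ == "__main__":
    for hit in find_compromised(SBOM_JSON, COMPROMISED):
        print(f"{hit['name']}@{hit['version']} reached via: {' -> '.join(hit['path'])}")
```

Point it at a real SBOM by replacing `SBOM_JSON` with the file Syft wrote for your container image or project directory, and load the advisory's package list into `COMPROMISED`. The dependency path is the part worth keeping: it tells you which direct dependency to pin or replace, which is the question you actually have to answer during triage.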

Attestation takes things a step further than SBOMs. It verifies not just what’s in software, but who built it and how. This is more advanced territory, but frameworks like SLSA (Supply-chain Levels for Software Artifacts) and Sigstore are making it more accessible. Even if you’re not ready to implement attestation yourself, understanding the concept helps you ask better questions when evaluating vendors.

Full-featured third-party risk management (TPRM) platforms can automate much of the work involved with identifying and addressing supply chain vulnerabilities, but they’re typically priced for larger enterprises. If you’re running a lean IT team, these free tools will give you a practical starting point.

Start building better supply chain visibility now

Software supply chain attacks have doubled over the past year, and every AI coding tool adds another source of unvetted dependencies. You’re not going to eliminate this risk entirely, but you can stop flying blind.

Yes, this is one more thing to think about when your plate is already full. But unlike some security initiatives that require budget battles and months of planning, this is one you can start moving the needle on today. The tools are free, the concepts aren’t complicated, and you don’t need a dedicated security team to make progress. By taking steps to bridge the gap now, you’ll have a much better sense of what you’re dealing with when the next supply chain incident darkens everyone’s doorstep.

Rose de Fremery

Writer, lowercase d

Former IT Director turned tech writer, Rose de Fremery built an IT department from scratch; she led it through years of head-spinning digital transformation at an international human rights organization. Rose creates content for major tech brands and is delighted to return to the Spiceworks community that once supported her own IT career.