SYMBOLCOMMON_NAMEaka. SYNONYMS
js.shai_hulud (Back to overview)

Shai-Hulud

A Javascript-based worm propagating through GitHub repositories and exfiltrating tokens and other credentials.

References
2025-12-28Twitter (@CharlieEriksen)Charlie Eriksen
Tweet about sightings of a new Shai Hulud version
Shai-Hulud
2025-12-02ZscalerAtinderpal Singh
Shai-Hulud V2 Poses Risk To NPM Supply Chain
Shai-Hulud
2025-10-10ReversingLabsKarlo Zanki
Shai-hulud npm attack: What you need to know
Shai-Hulud
2025-09-19ZscalerAtinderpal Singh
Mitigating Risks from the Shai-Hulud NPM Worm
Shai-Hulud
2025-09-16Wiz.ioBarak Sharoni, Merav Bar, Rami McCarthy
Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Shai-Hulud

There is no Yara-Signature yet.