Threat Insight
NPM Packages Struck by Potentially New Self-Replicating Worm
According to Aikido[1], a malicious update has been distributed to multiple NPM packages. While the exact details of what makes this update malicious are unknown at this time, there are indicators suggesting it may be a new variant of the self-replicating “Shai Hulud” NPM worm, previously observed in a supply chain attack detailed in the article 500+ npm Packages Compromised in Ongoing Supply Chain Attack ‘Shai-Hulud’.
Wiz has observed the following behaviors[2]:
- Execution using install lifecycle scripts.
- New payload files – setup_bun.js and bun_environment.js.
- Expanded targeting across the PostHog, Postman, and AsyncAPI ecosystems.
- Once installed, the malware exfiltrates developer and CI/CD secrets to GitHub repositories with names referencing Shai-Hulud.
Affected Products
We have changed the list so that it only shows packages that have been confirmed compromised, with the corresponding compromised version numbers according to Wiz[2].
Zapier Packages
@zapier/zapier-sdk – 0.15.5, 0.15.6, 0.15.7
zapier-platform-core – 18.0.2, 18.0.3, 18.0.4
zapier-platform-cli – 18.0.2, 18.0.3, 18.0.4
zapier-platform-schema – 18.0.2, 18.0.3, 18.0.4
@zapier/mcp-integration – 3.0.1, 3.0.2, 3.0.3
@zapier/secret-scrubber – 1.1.3, 1.1.4, 1.1.5
@zapier/ai-actions-react – 0.1.12, 0.1.13, 0.1.14
@zapier/stubtree – 0.1.2, 0.1.3, 0.1.4
zapier-scripts – 7.8.3, 7.8.4
ENS Domains Packages
@ensdomains/ens-validation – 0.1.1
@ensdomains/content-hash – 3.0.1
ethereum-ens – 0.8.1
@ensdomains/react-ens-address – 0.0.32
@ensdomains/ens-contracts – 1.6.1
@ensdomains/ensjs – 4.0.3
@ensdomains/dnssecoraclejs – 0.2.9
@ensdomains/address-encoder – 0.1.5
Other Impacted Publishers
@posthog/agent – 1.24.1
Recommended Actions
- Truesec recommends that you disable “postinstall” scripts to reduce the risk of being exploited by malware similar to this one.
- Uninstall or pin to known-good versions until patched releases are verified.
- Audit environments (CI/CD agents, developer laptops) that installed the affected versions for unauthorized publishes or credential theft.
- Rotate npm tokens and other exposed secrets if these packages were present on machines with publishing credentials.
- Monitor logs for unusual npm publish or package modification events.
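As an added example (not part of this advisory or of any of the affected projects), the script below checks a project's package-lock.json (lockfileVersion 2 or 3) against the compromised versions listed above, including packages nested under other dependencies. The sample lock file is constructed for the demonstration.

```python
import json

# Compromised package versions as listed in this advisory (source: Wiz [2]).
COMPROMISED = {
    "@zapier/zapier-sdk": {"0.15.5", "0.15.6", "0.15.7"},
    "zapier-platform-core": {"18.0.2", "18.0.3", "18.0.4"},
    "zapier-platform-cli": {"18.0.2", "18.0.3", "18.0.4"},
    "zapier-platform-schema": {"18.0.2", "18.0.3", "18.0.4"},
    "@zapier/mcp-integration": {"3.0.1", "3.0.2", "3.0.3"},
    "@zapier/secret-scrubber": {"1.1.3", "1.1.4", "1.1.5"},
    "@zapier/ai-actions-react": {"0.1.12", "0.1.13", "0.1.14"},
    "@zapier/stubtree": {"0.1.2", "0.1.3", "0.1.4"},
    "zapier-scripts": {"7.8.3", "7.8.4"},
    "@ensdomains/ens-validation": {"0.1.1"},
    "@ensdomains/content-hash": {"3.0.1"},
    "ethereum-ens": {"0.8.1"},
    "@ensdomains/react-ens-address": {"0.0.32"},
    "@ensdomains/ens-contracts": {"1.6.1"},
    "@ensdomains/ensjs": {"4.0.3"},
    "@ensdomains/dnssecoraclejs": {"0.2.9"},
    "@ensdomains/address-encoder": {"0.1.5"},
    "@posthog/agent": {"1.24.1"},
}


def find_compromised(lock: dict) -> list:
    """Return sorted (name, version) pairs from a package-lock.json whose
    installed version is on the advisory's compromised list."""
    hits = []
    for path, entry in lock.get("packages", {}).items():
        if not path:  # the empty key is the root project itself
            continue
        # Nested installs look like "node_modules/a/node_modules/@scope/b";
        # the package name is everything after the last "node_modules/".
        name = path.rsplit("node_modules/", 1)[-1]
        if entry.get("version", "") in COMPROMISED.get(name, ()):
            hits.append((name, entry["version"]))
    return sorted(hits)


# Constructed sample lock file (not a real project): one clean entry,
# one compromised top-level entry and one compromised nested entry.
SAMPLE_LOCK = json.loads("""{"lockfileVersion": 3, "packages": {
  "": {"name": "demo"},
  "node_modules/zapier-platform-core": {"version": "18.0.3"},
  "node_modules/@ensdomains/ensjs": {"version": "4.0.2"},
  "node_modules/foo/node_modules/@posthog/agent": {"version": "1.24.1"}
}}""")

if __name__ == "__main__":
    for name, version in find_compromised(SAMPLE_LOCK):
        print(f"COMPROMISED: {name}@{version}")
```

To act on the first recommendation above, setting ignore-scripts=true in .npmrc (or running npm config set ignore-scripts true) stops npm from running lifecycle scripts such as postinstall during installs.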
If you require assistance in implementing these principles and best practices or tailoring them to your specific environment, please do not hesitate to contact Truesec for expert support.
For further reading on the subject, see the article Npm Supply-Chain Attacks: How to Reduce Risk.
References
[1] https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains
[2] https://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attack