
Ongoing Supply Chain Attack: "Shai-Hulud" Malware Targets npm Packages
News | Malware
"Shai-Hulud" is a self-replicating npm worm behind an ongoing supply chain attack; Datadog Security Labs has documented the campaign's second wave as "Shai-Hulud 2.0". Rather than a one-off hijack of a single package, the worm uses the publishing access it obtains from each compromised maintainer to push malicious versions of that maintainer's packages, and those packages in turn compromise whoever installs them, which is what lets it keep spreading. Indicators of compromise for the campaign have been published on GitHub. France's cybersecurity agency, CERT-FR, issued alert CERTFR-2025-ACT-051 on the threat. The campaign follows the earlier compromise of the npm maintainer "Qix" in a separate supply chain attack, as well as a series of other 2025 npm phishing campaigns reported by Aikido, Mimecast, and others. The referenced materials cite no CVE IDs or exact dates.
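The practical question for anyone running a Node project is whether a lockfile pulls in a known-bad version. The script below is an added example, not code from the article, Datadog, or CERT-FR: it walks a `package-lock.json` (lockfile v2/v3 `packages` map) and reports any `name@version` that appears in an indicator list, and separately lists packages that npm recorded as having install-time lifecycle scripts (`hasInstallScript`), since a worm that spreads through `postinstall` hooks shows up there. The IOC list and the lockfile embedded below are constructed for illustration and are not the real Shai-Hulud indicators; substitute the published list when using this for real.

```javascript
// Added example: match a package-lock.json against a list of compromised
// package@version indicators. Everything below is constructed sample data,
// not the actual Shai-Hulud IOC list.

// Constructed IOC list in "name@version" form. Replace with the published list.
const IOC_LIST = [
  "left-pad-example@1.3.1",
  "@acme/build-tools@4.2.0",
];

// Constructed lockfile v3 fragment. Note the nested copy of left-pad-example
// under @acme/build-tools: nested installs must be checked too.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/left-pad-example": { version: "1.3.1", hasInstallScript: true },
    "node_modules/@acme/build-tools": { version: "4.1.9" },
    "node_modules/@acme/build-tools/node_modules/left-pad-example": { version: "1.3.0" },
    "node_modules/harmless": { version: "2.0.0", hasInstallScript: true },
  },
};

// Normalise the IOC list into a Set for O(1) membership tests.
function loadIocs(list) {
  return new Set(list.map((s) => s.trim()).filter(Boolean));
}

// Lockfile keys look like "node_modules/foo", "node_modules/@scope/foo" or
// "node_modules/a/node_modules/foo"; the package name is whatever follows the
// last "node_modules/" segment.
function packageNameFromKey(key) {
  const marker = "node_modules/";
  const idx = key.lastIndexOf(marker);
  if (idx === -1) return null;
  return key.slice(idx + marker.length);
}

// Returns { hits, review }: hits are exact IOC matches, review are packages
// that run install-time scripts and therefore deserve a manual look.
function scanLockfile(lock, iocs) {
  const hits = [];
  const review = [];
  const packages = lock.packages || {};
  for (const [key, meta] of Object.entries(packages)) {
    if (key === "") continue; // root project entry, not a dependency
    const name = packageNameFromKey(key);
    if (!name || !meta.version) continue;
    const id = `${name}@${meta.version}`;
    if (iocs.has(id)) hits.push({ path: key, id });
    if (meta.hasInstallScript === true) review.push({ path: key, id });
  }
  return { hits, review };
}

// Convenience wrapper for raw lockfile text (e.g. from fs.readFileSync).
function scanLockfileText(text, iocList = IOC_LIST) {
  return scanLockfile(JSON.parse(text), loadIocs(iocList));
}

// Demo run on the constructed data.
const demo = scanLockfile(SAMPLE_LOCK, loadIocs(IOC_LIST));
for (const h of demo.hits) console.log(`COMPROMISED ${h.id} at ${h.path}`);
for (const r of demo.review) console.log(`REVIEW install script: ${r.id} at ${r.path}`);
```

Run it against a real tree by reading the lockfile with `fs.readFileSync("package-lock.json", "utf8")` and passing the text to `scanLockfileText`, then treat any hit as an incident rather than a cleanup: rotate the npm and CI tokens that were present on the machine that installed the package, since token theft is how the worm moves on to the next maintainer.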