The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. Although just about 10,000 of the exposed secrets were verified as valid by the open-source TruffleHog scanning tool, researchers at cloud security platform Wiz say that more than 60% of the leaked NPM tokens were still valid as of December 1st. The Shai-Hulud threat emerged in mid-September, compromising 187 NPM packages with a self-propagating payload that identified account tokens using TruffleHog, injected a malicious script into the packages, and automatically published them on the platform. In the second attack, the malware impacted over 800 packages (counting all infected versions of a package) and included a destructive mechanism that wiped the victim’s home directory if certain conditions were met. Pace of new GitHub accounts publishing secrets on new repositories Source: Wiz Wiz researchers analyzing the leak of secrets that the Shai-Hulud 2.0 attack spread over 30,000 GitHub repositories, found that the following types of secrets have been exposed: about 70% of the repositories had a contents.json file with GitHub usernames and tokens, and file snapshots half of them had the truffleSecrets.json file containing TruffleHog scan results 80% of the repositories had the environment.json file with OS info, CI/CD metadata, npm package metadata, and GitHub

A sophisticated supply chain attack compromised Zapier’s NPM account, infecting 425 packages with the Shai Hulud malware, a self-propagating worm targeting the Bun runtime environment. The attack weaponized widely used libraries (e.g., `@zapier/mcp-integration`), which collectively receive ~132 million monthly downloads, exposing thousands of downstream applications and organizations.The malware harvested credentials and exfiltrated them to GitHub repositories (26,300+ exposed repos), enabling lateral movement, unauthorized cloud access, and further compromises. While some payloads failed to deploy fully (missing `bun_environment.js`), the staging code (`setup_bun.js`) established persistence, leaving systems vulnerable to remote updates.The incident forced organizations to audit dependencies, rotate credentials, and monitor for IOCs, highlighting critical gaps in supply chain security and dependency integrity within the npm ecosystem. The scale of credential leaks and potential downstream breaches amplifies the long-term operational and reputational risks.