"Over 170 packages across multiple high-profile NPM and PyPI projects were compromised in a new, coordinated Mini Shai-Hulud software supply chain attack. The campaign hit 42 TanStack packages, 65 UiPath packages, Mistral AI's PyPi packages, the OpenSearch JavaScript client, over a dozen Squawk packages, the Guardrails AI PyPI package, and other popular modules. TeamPCP, the infamous hacking group that orchestrated several supply chain attacks across multiple open source software ecosystems over the past few months, was blamed for the campaign."
"The same as in previous campaigns, the Mini Shai-Hulud worm targets sensitive information, including developer credentials, API keys, tokens, cloud credentials and secrets, cryptocurrency wallets, and secrets associated with AI tools and messaging applications. It attempts to propagate by using compromised NPM and GitHub Actions tokens to publish malicious versions of the packages the victim has write access to. The malware was also observed installing a persistent daemon to poll GitHub every minute, to verify for token revocation, and checking the system language to avoid infecting Russian users."
"Dead-drop commit branch names used in the attack are taken from Frank Herbert's Dune saga, and the malware's repositories have the "Shai-Hulud: Here We Go Again" description. The new supply chain campaign was flagged shortly after malicious package artifacts were published through the legitimate TanStack release pipeline, and was then observed spreading to additional packages."
"Unlike previous TeamPCP intrusions, which relied on stolen secrets to compromise accounts and modify packages, the TanStack attack chained three known security weaknesses to release 84 malicious artifacts across 42 packages. The attackers staged their payload in a GitHub fork, injected the payload into published NPM tarballs, and then hijacked the project's C"
A coordinated Mini Shai-Hulud software supply chain attack compromised over 170 packages across major NPM and PyPI ecosystems. The campaign targeted 42 TanStack packages, 65 UiPath packages, Mistral AI PyPI packages, the OpenSearch JavaScript client, multiple Squawk packages, and the Guardrails AI PyPI package. The activity was attributed to TeamPCP. Dead-drop commit branch names referenced Dune, and malware repositories used the description “Shai-Hulud: Here We Go Again.” The worm targeted sensitive information including developer credentials, API keys, tokens, cloud credentials and secrets, cryptocurrency wallets, and secrets tied to AI tools and messaging applications. It propagated by using compromised NPM and GitHub Actions tokens to publish malicious package versions. It also installed a persistent daemon that polled GitHub every minute to detect token revocation and checked system language to avoid infecting Russian users. The TanStack incident began after malicious artifacts were published through a legitimate release pipeline and then spread to additional packages by chaining three known weaknesses to release 84 malicious artifacts across 42 packages.
#software-supply-chain-attacks #npm-package-compromise #pypi-malware #credential-theft #cicd-token-abuse
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]