What is Shai-Hulud 2.0 and Sha1-Hulud npm worm?

Shai-Hulud 2.0 (also spelled Sha1-Hulud or called 'The Second Coming') is a self-replicating npm worm discovered on November 24, 2025. It compromised 790+ packages from Zapier, PostHog, ENS Domains, AsyncAPI, Postman, and CrowdStrike. The worm uses TruffleHog to steal credentials (GitHub tokens, AWS keys, npm tokens), exfiltrates secrets to attacker GitHub repos, and creates SHA1HULUD self-hosted runner backdoors. It can self-propagate to infect 100+ additional packages.

How do I detect the Shai-Hulud npm worm in my project?

Use the Shai-Hulud 2.0 Detector GitHub Action. Add 'uses: gensecaihq/Shai-Hulud-2.0-Detector@v1' to your workflow. It scans package.json, package-lock.json, yarn.lock, and pnpm-lock.yaml for compromised packages. It also detects setup_bun.js malware, bun_environment.js payloads, TruffleHog activity, and SHA1HULUD runner references. Scans complete in under 100ms.

Which packages were compromised in the Zapier PostHog ENS Domains npm hack?

790+ npm packages were compromised including: @zapier/* (babel-preset-zapier, ai-actions, zapier-platform-cli), @ensdomains/* (ensjs, ens-contracts, thorin), posthog-js, posthog-node, @postman/*, @asyncapi/* (cli, parser, generator), @ctrl/tinycolor, @crowdstrike/*, @voiceflow/*, @browserbase/*, and @oku-ui/*. These packages had 132+ million combined monthly downloads.

What is setup_bun.js and bun_environment.js malware?

setup_bun.js and bun_environment.js are malicious files injected by the Shai-Hulud 2.0 worm. The attack adds a preinstall script to package.json that runs setup_bun.js, which downloads the Bun runtime and executes bun_environment.js. This payload runs TruffleHog to scan for credentials, steals GitHub tokens, AWS keys, and npm tokens, then exfiltrates them to attacker-controlled repositories.

How does the npm preinstall script attack work?

Unlike traditional postinstall attacks, Shai-Hulud 2.0 uses preinstall scripts that execute BEFORE installation completes - even if installation fails. When you run 'npm install', the malicious preinstall hook runs setup_bun.js immediately. This downloads Bun runtime (to evade Node.js monitoring), runs TruffleHog credential scanner, steals secrets, and attempts to infect other packages you maintain.

Is there a free Shai-Hulud scanner or Sha1-Hulud detector?

Yes, the Shai-Hulud 2.0 Detector is 100% free and open-source under MIT license. It's the most comprehensive scanner available, detecting not just compromised package names but also malicious scripts (setup_bun.js, bun_environment.js), TruffleHog activity, webhook exfiltration endpoints, and SHA1HULUD runner backdoors. Available on GitHub Marketplace for any public or private repository.

What is The Second Coming npm supply chain attack?

'The Second Coming' is the name attackers gave to Shai-Hulud 2.0. The first Shai-Hulud attack occurred in September 2025, stealing approximately $50 million in cryptocurrency. The November 2025 'Second Coming' was far more aggressive - compromising 25,000+ GitHub repositories across 500 users within 72 hours, with the attack spreading at ~1,000 new repos every 30 minutes.

How do I protect my CI/CD pipeline from npm supply chain attacks?

Add the Shai-Hulud 2.0 Detector to your CI/CD pipeline: 'uses: gensecaihq/Shai-Hulud-2.0-Detector@v1' with 'fail-on-critical: true'. Additional protection: use npm --ignore-scripts flag, enable trusted publishing (OIDC) instead of tokens, pin dependencies to known-good versions, rotate all credentials (npm tokens, GitHub PATs, AWS keys), and limit outbound network access from build systems.

What credentials does Shai-Hulud steal using TruffleHog?

The Shai-Hulud worm uses TruffleHog to scan for and steal: GitHub Personal Access Tokens (PATs), npm authentication tokens, AWS credentials (ACCESS_KEY_ID, SECRET_ACCESS_KEY), Google Cloud Platform (GCP) keys, Microsoft Azure credentials, SSH keys, and any high-entropy secrets in your filesystem. Over 775 GitHub tokens, 373 AWS credentials, 300 GCP credentials, and 115 Azure credentials were confirmed stolen.

What is the SHA1HULUD self-hosted runner backdoor?

SHA1HULUD is a persistent backdoor created by the Shai-Hulud worm. It registers infected systems as GitHub Actions self-hosted runners, allowing attackers to execute arbitrary workflows remotely. Even after removing compromised packages, attackers can maintain access through these rogue runners. The Shai-Hulud 2.0 Detector scans for SHA1HULUD runner references in your workflows and configuration.

100% Free & Open Source

Detect & Block the
Shai-Hulud 2.0 npm Worm

Name: Shai-Hulud 2.0 Detector
Availability: InStock
Author: gensecaihq

Free scanner for the Shai-Hulud 2.0 (Sha1-Hulud) supply chain attack. Detects 790+ compromised packages from Zapier, PostHog, ENS Domains, AsyncAPI. Finds setup_bun.js malware, TruffleHog credential theft, and preinstall script exploits.

Star on GitHub -- Install from Marketplace

                    # Add to .github/workflows/security.yml

                    - uses: gensecaihq/Shai-Hulud-2.0-Detector@v1

                      with:

                        fail-on-critical: true

790+

Shai-Hulud Infected Packages

25K+

GitHub Repos Compromised

<100ms

Worm Detection Time

--

GitHub Stars

Shai-Hulud Worm Detection Features

Comprehensive Sha1-Hulud and npm supply chain attack detection beyond simple package matching

🎯

790+ Compromised Packages

Detects all known Shai-Hulud 2.0 infected packages including Zapier, PostHog, ENS Domains, AsyncAPI, Postman, and CrowdStrike namespaces with precise semver matching.

🔍

setup_bun.js Malware Detection

Identifies malicious preinstall scripts, setup_bun.js, bun_environment.js payloads, and TruffleHog credential scanning activity used by the Shai-Hulud worm.

🛡️

SHA1HULUD Runner Detection

Finds SHA1HULUD self-hosted runner backdoors that attackers use for persistent access. Scans workflows for rogue runner references.

📦

All Lockfile Formats

Scans package.json, package-lock.json, yarn.lock, pnpm-lock.yaml, and npm-shrinkwrap.json. Catches compromised direct and transitive dependencies.

🏢

Monorepo & Workspace Support

Automatically scans all packages in monorepos. Works with Lerna, Nx, Turborepo, pnpm workspaces, and Yarn workspaces.

⚡

CI/CD Pipeline Ready

Scans in under 100ms with SARIF output for GitHub Security. Works with GitHub Actions, GitLab CI, Jenkins, Azure DevOps, and CircleCI.

What is Shai-Hulud 2.0 / Sha1-Hulud npm Worm?

On November 24, 2025, the self-replicating Shai-Hulud 2.0 worm (also called Sha1-Hulud or "The Second Coming") compromised 790+ npm packages and 25,000+ GitHub repositories within 72 hours. This credential-stealing malware spread at ~1,000 new repos every 30 minutes.

Uses TruffleHog to steal GitHub PATs, npm tokens, AWS/GCP/Azure keys
Injects setup_bun.js and bun_environment.js via preinstall scripts
Self-propagates by infecting up to 100 additional packages
Creates persistent SHA1HULUD self-hosted runner backdoors
Destructive failsafe wipes home directory if exfiltration fails

Zapier ENS Domains PostHog AsyncAPI Postman CrowdStrike Voiceflow BrowserBase @ctrl/* +50 more

                            # Shai-Hulud Attack Chain

                            1. npm install @zapier/pkg

                            2. preinstall → setup_bun.js

                            3. Downloads Bun runtime

                            4. Executes bun_environment.js

                            5. Runs TruffleHog credential scan

                            6. Steals GitHub/npm/AWS tokens

                            7. Exfiltrates to GitHub repos

                            8. Infects 100+ more packages

                            9. Creates SHA1HULUD runner

How to Detect Shai-Hulud npm Worm in Your Project

Scan for Sha1-Hulud malware in 2 minutes with GitHub Actions

Create Workflow File

Add a YAML file to your .github/workflows directory with the detector action.

Push to Repository

Commit and push. The action runs automatically on every push and pull request.

Stay Protected

Compromised packages are blocked. Clean projects pass. It's that simple.

Help Detect & Stop the Shai-Hulud npm Worm

Join the open source community protecting JavaScript developers from Shai-Hulud 2.0. Star the project, report new compromised packages, or contribute detection rules. Every contribution helps stop the Sha1-Hulud supply chain attack.

Star on GitHub -- Contribute Report Issues

Released under the MIT License. Use it freely in personal and commercial projects.

Detect & Block theShai-Hulud 2.0 npm Worm