★ 9/10 · General · 2026-04-30

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

A series of supply chain attacks, identified as the "Mini Shai-Hulud" worm, has compromised several npm and PyPI packages. The campaign, attributed to the threat actor TeamPCP, targets developer environments and CI/CD...

Captured 2026-04-30 23:21

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

Summary

A series of supply chain attacks, identified as the "Mini Shai-Hulud" worm, has compromised several npm and PyPI packages. The campaign, attributed to the threat actor TeamPCP, targets developer environments and CI/CD pipelines to steal credentials and propagate through the software ecosystem.

Key Points

  • Compromised npm packages within the SAP JavaScript and cloud application ecosystem include mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, and @cap-js/sqlite@2.2.2.
  • The intercom-client npm package was identified in versions 7.0.4 and 7.0.5 as containing malicious code.
  • The PyPI package lightning (versions 2.6.2 and 2.6.3) was also found to be poisoned.
  • The malware utilizes malicious preinstall scripts in npm packages to execute code automatically during the installation process.
  • The payload is designed to harvest sensitive data, including GitHub tokens, npm credentials, Kubernetes tokens, GitHub Actions secrets, and cloud provider secrets (AWS, Azure, and GCP).
  • The attack features self-propagating capabilities, allowing it to infect additional repositories and package distributions.

Technical Details

The "Mini Shai-Hulud" attack employs a multi-stage payload architecture designed for both data theft and lateral movement. In npm-based attacks, the malware is embedded within preinstall scripts, ensuring execution occurs during the npm install phase before any application-level code is run. The payload is capable of advanced memory forensics, specifically targeting the extraction of secrets from runner memory during CI/CD processes.

Once credentials—such as cloud provider keys, npm credentials, and Kubernetes tokens—are harvested, the malware encrypts the stolen data. The exfiltration process is designed to be stealthy, utilizing the victim's own GitHub account to post the encrypted payloads into newly created public repositories. The malware also includes propagation logic to infect additional repositories and package distributions, facilitating its spread across the software supply chain.

Impact / Why It Matters

Developers and DevOps engineers must immediately audit dependency trees for the affected versions and rotate all potentially exposed credentials, including cloud, npm, and GitHub tokens. The worm-like nature of this attack means that a single compromised environment can lead to the widespread compromise of connected CI/CD pipelines and cloud infrastructure.

security supply-chain-attack npm malware

↳ Sources