npm has reset platform tokens following a large-scale supply chain attack linked to the Shai-Hulud malware campaign. The attacks compromised hundreds of npm packages and affected software connected to modern development environments and CI/CD workflows.
Security researchers warned that the campaign continues spreading through stolen credentials and automated package publishing systems. The incident has become one of the largest recent attacks targeting the npm ecosystem.
npm Invalidates Tokens After Supply Chain Attacks
npm confirmed that it invalidated granular access tokens with write permissions that bypass two-factor authentication. Developers using automated deployment systems must now replace stored credentials and update affected workflows.
The platform said the decision was made to reduce the risk of additional supply chain attacks connected to the Shai-Hulud malware campaign. However, researchers warned that the malware continues stealing newly generated credentials from infected environments.
npm previously retired its older classic tokens after earlier security incidents exposed the dangers of long-lived credentials with unrestricted access. The company replaced them with granular tokens that expire after a maximum of 90 days and support stronger authentication protections.
Despite those changes, many CI/CD systems still rely on automation tokens that bypass two-factor authentication requirements. Attackers heavily targeted those credentials during the latest malware campaign.
Shai-Hulud Malware Continues Expanding
Researchers described Shai-Hulud malware as a self-propagating worm capable of stealing npm credentials and automatically publishing malicious package updates. Once attackers compromise a development environment or deployment pipeline, the malware can rapidly spread poisoned packages across connected ecosystems.
The latest campaign reportedly compromised hundreds of packages tied to Alibaba’s @antv ecosystem alongside several popular standalone npm libraries. Many affected packages receive millions of downloads every week across modern JavaScript development environments.
Researchers also linked previous Shai-Hulud activity to attacks involving TanStack and other open-source ecosystems. The campaign continues targeting developer infrastructure, package repositories, and automated publishing systems.
Security researchers attributed the operation to TeamPCP, a financially motivated threat group that became increasingly active during late 2025. Reports claim the group encouraged additional attacks using the same malware infrastructure and stolen credentials.
npm Pushes Trusted Publishing Adoption
Following the attacks, npm is urging developers to move toward Trusted Publishing instead of relying on manually stored authentication tokens. The system uses OpenID Connect to issue short-lived credentials automatically through trusted services like GitHub.
The approach reduces the risks tied to long-lived tokens stored inside CI/CD systems and deployment pipelines. However, researchers warned that Trusted Publishing does not fully eliminate risks tied to compromised developer accounts or infected automation environments.
Reports also suggest attackers previously abused OIDC Trusted Publishing workflows during other supply chain incidents. That activity demonstrates how threat actors continue adapting to newer security controls inside software development ecosystems.
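The two recommendations above, replacing stored automation tokens and moving publish jobs to Trusted Publishing, are easiest to act on if you can tell which pipelines still depend on a long-lived npm token. The following is an added example written for this page; it is not code from the article, from npm, or from any of the researchers cited. It compares a constructed GitHub Actions publish job that injects a stored secret (the weak shape) with the same job rewritten for OIDC Trusted Publishing (the corrected shape), and it lists registries that still carry an `_authToken` in a `.npmrc`. The `id-token: write` permission and the `NODE_AUTH_TOKEN` environment variable are the real GitHub Actions and `actions/setup-node` conventions; the workflow contents, the `.npmrc` contents and the token values are constructed placeholders, and the line-based matching is a triage heuristic rather than a YAML parser.

```javascript
// Added example (not from the article or from npm): audit CI workflow text
// and .npmrc files for npm publishing that still relies on a stored
// long-lived token, and recognise the OIDC Trusted Publishing shape.
// Regex based so it runs with no dependencies; treat output as triage input.

// Constructed sample 1: a publish job fed a stored automation token.
const TOKEN_BASED_WORKFLOW = `
name: release
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm ci
      - run: npm publish
        env:
          NODE_AUTH_TOKEN: \${{ secrets.NPM_TOKEN }}
`;

// Constructed sample 2: the same job on Trusted Publishing. The job requests
// an OIDC token from the runner and stores no npm secret at all. Assumption:
// a current npm CLI is needed, hence the upgrade step.
const TRUSTED_PUBLISHING_WORKFLOW = `
name: release
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm install -g npm@latest
      - run: npm ci
      - run: npm publish
`;

// Constructed sample 3: a developer .npmrc with tokens for the public
// registry and an internal mirror (placeholder values, not real tokens).
const SAMPLE_NPMRC = `
registry=https://registry.npmjs.org/
//registry.npmjs.org/:_authToken=npm_PLACEHOLDER_TOKEN_VALUE
//npm.internal.example.com/:_authToken=PLACEHOLDER_INTERNAL
always-auth=true
`;

// Classify a workflow as 'trusted-publishing', 'stored-token', 'mixed' or
// 'no-publish'. 'mixed' means the OIDC permission is present but a stored
// token is still wired in, so that secret still has to be rotated.
function auditWorkflow(yamlText) {
  const publishes = /\bnpm\s+publish\b/.test(yamlText);
  const storedToken =
    /NODE_AUTH_TOKEN\s*:|secrets\.NPM_TOKEN\b|_authToken\s*=/.test(yamlText);
  const oidc = /^\s*id-token\s*:\s*write\s*$/m.test(yamlText);
  let mode = 'no-publish';
  if (publishes) {
    if (oidc && storedToken) mode = 'mixed';
    else if (oidc) mode = 'trusted-publishing';
    else mode = 'stored-token';
  }
  return { publishes, storedToken, oidc, mode };
}

// List registries that carry an _authToken line in an .npmrc. Values are
// masked so the report itself never reproduces the credential.
function findNpmrcTokens(npmrcText) {
  const found = [];
  for (const line of npmrcText.split('\n')) {
    const m = line.match(/^\/\/([^/]+)\/?(?:[^:]*):_authToken=(.*)$/);
    if (!m) continue;
    const value = m[2].trim();
    found.push({ registry: m[1], masked: value.slice(0, 4) + '...' + value.slice(-2) });
  }
  return found;
}

console.log('token-based job   :', auditWorkflow(TOKEN_BASED_WORKFLOW).mode);
console.log('trusted-publishing:', auditWorkflow(TRUSTED_PUBLISHING_WORKFLOW).mode);
console.log('.npmrc tokens     :', JSON.stringify(findNpmrcTokens(SAMPLE_NPMRC)));
```

Run it with `node audit.js` after pasting in your own workflow and `.npmrc` contents. A job reported as `stored-token` or `mixed` is one whose secret is exactly the kind of credential the article says the campaign harvests and npm has now invalidated; a job reported as `trusted-publishing` has no npm secret to steal from the repository settings, although, as the researchers above note, that does not protect a publish run on an already compromised runner or developer account.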
Supply Chain Threats Continue Growing
The Shai-Hulud malware campaign highlights the growing scale of supply chain attacks targeting open-source infrastructure. Attackers increasingly focus on package ecosystems, deployment pipelines, cloud credentials, and developer workflows because they provide broad downstream access.
Security researchers warned that self-propagating malware campaigns could become even more disruptive as automation spreads further across software development environments. Once malicious packages enter trusted ecosystems, attackers can quickly distribute malware to thousands of dependent systems.
The npm token reset also demonstrates how difficult it has become to fully contain modern supply chain attacks after credentials and automation systems become compromised.
Conclusion
The Shai-Hulud malware campaign forced npm to invalidate platform tokens after attackers compromised hundreds of packages across the ecosystem. Researchers warned that the attacks continue spreading through stolen credentials, CI/CD systems, and automated publishing workflows.
The incident also highlights the growing danger posed by software supply chain attacks targeting open-source infrastructure. As attackers increasingly automate these operations, organizations face mounting pressure to strengthen credential security and reduce reliance on long-lived authentication tokens.