The Shai Hulud 2.0 worm, first detected on November 24, 2025, has compromised almost 1,200 organizations, including major banks, government bodies, and Fortune 500 technology companies.
While initial reports described it as a simple npm supply chain attack that flooded GitHub with spam repositories, new analysis reveals a far more sophisticated operation.
Entro Security researchers observed that the malware did not just create noise; it successfully exfiltrated sensitive runtime memory and credentials from deep inside corporate CI/CD pipelines.
Early analysis focused on the thousands of attacker-controlled GitHub repositories generated by the worm. However, researchers at Entro Security have confirmed that these repositories were merely the "collection layer" for a much larger heist.
The real damage occurred inside the victim environments, developer endpoints, cloud build servers, and self-hosted GitHub runners, where the malware executed payload scripts during the "preinstall" phase of compromised npm packages.
Instead of just scraping static files, Shai Hulud 2.0 captured full runtime environments. Entro Security's analysis found that the generated artifacts, such as environment.json, contained double-base64-encoded memory snapshots.
Shai Hulud 2.0 double-encoded memory snapshots (figure)
These snapshots allowed attackers to reconstruct the exact state of compromised machines, granting them access to in-memory secrets that never appeared in code repositories.
The scale of the compromise is staggering. Entro researchers identified 1,195 distinct organizations by analyzing email domains, internal hostnames, and tenant identifiers found in the exfiltrated data.
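As an added example, not code from the article or from Entro Security, the Python helper below shows how a responder can peel the nested base64 layers off a suspected exfiltration artifact and report which credential types it exposes, so each one can be rotated. The artifact layout, the sample snapshot and every token value are constructed for the demonstration; the token prefixes matched are publicly documented formats, not indicators taken from the article.

```python
import base64
import binascii
import json
import re

# Constructed sample: a JSON runtime snapshot holding fake, non-functional
# credential-shaped strings, base64-encoded twice to mimic the double-encoded
# layer the article describes. The real environment.json layout is not known
# from the article; this structure is an assumption for demonstration only.
FAKE_SNAPSHOT = json.dumps({
    "env": {
        "GITHUB_TOKEN": "ghp_" + "A" * 36,
        "AWS_ACCESS_KEY_ID": "AKIA" + "EXAMPLEKEY000001",
        "SLACK_BOT_TOKEN": "xoxb-0000000000-FAKE",
        "HOSTNAME": "build-runner-01.corp.example",
    }
})
CONSTRUCTED_ARTIFACT = base64.b64encode(
    base64.b64encode(FAKE_SNAPSHOT.encode())).decode()

# Credential shapes worth flagging for rotation (public token formats).
SECRET_PATTERNS = {
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "slack_token": re.compile(r"\bxox[abprs]-[A-Za-z0-9-]+"),
    "gcp_service_account": re.compile(r'"type"\s*:\s*"service_account"'),
}


def decode_nested_base64(blob: str, max_layers: int = 4) -> tuple[bytes, int]:
    """Strip base64 layers until the data is no longer valid base64 or the
    layer limit is reached; returns the innermost bytes and the layer count."""
    data = blob.strip().encode()
    layers = 0
    for _ in range(max_layers):
        try:
            decoded = base64.b64decode(data, validate=True)
        except (binascii.Error, ValueError):
            break
        if not decoded:
            break
        data, layers = decoded, layers + 1
    return data, layers


def triage_artifact(blob: str) -> dict:
    """Decode an artifact and count exposed credential types; the secret
    values themselves are deliberately not returned or printed."""
    payload, layers = decode_nested_base64(blob)
    text = payload.decode("utf-8", errors="replace")
    hits = {name: len(rx.findall(text)) for name, rx in SECRET_PATTERNS.items()}
    return {"layers": layers, "exposed": {k: v for k, v in hits.items() if v}}


if __name__ == "__main__":
    print(json.dumps(triage_artifact(CONSTRUCTED_ARTIFACT), indent=2))
```

Each non-zero count in `exposed` is a credential class to revoke immediately; a layer count of two matches the double encoding the article reports.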
Organizations impacted (Credit: Entro)
Technology and SaaS companies suffered the most from the attack, representing over half of the identified victims.

Industry Sector                 Number of Compromised Orgs
Technology / SaaS               647
Financial Services & Banking    53
Healthcare                      38
Insurance                       26
Media                           21
Telecom                         20
Logistics                       15
Two specific examples highlight the severity of the breach. The first involved one of the world's largest semiconductor companies, where a self-hosted GitHub Actions runner was compromised.
The decoded memory dump exposed active GitHub Personal Access Tokens and internal hostnames, proving the attackers had valid entry points into the company's internal infrastructure.
The second victim was a Tier-1 digital asset custody provider. In this case, the malware struck a GitLab CI pipeline. The exfiltrated data included live AWS secret keys, blockchain production tokens, and Slack API keys.
Critically, scans performed on November 27, three days after the initial disclosure, revealed that some of these high-value credentials, including Google Cloud Service Account keys, were still valid and had not been revoked.
The GitHub repositories associated with Shai Hulud 2.0 are being removed, but the stolen credentials remain in the attackers' hands. The campaign demonstrates that any environment where code is executed, whether a local laptop or a cloud-based CI runner, is a potential target for memory scraping.
With valid secrets still circulating days after the attack, organizations are urged to rotate all non-human identities and treat their runtime environments as fully compromised.
