The Evolution of the Threat: Why Shai-Hulud 2.0 Forces Us to Redefine Software Supply Chain Security
As ICWT (In Cloud We Trust), OX Security's partner in Poland, our role is to monitor the evolution of threats and deliver solutions that address real-world challenges. Recent attacks on the open-source ecosystem, especially the return of Shai-Hulud malware in version 2.0, demonstrate that software supply chain risk no longer concerns only CVEs and coding flaws, but also compromised identities and trusted automation.
Scanning after the fact is no longer sufficient. We must move to a security model that anticipates threats by understanding the context of the code and the entire ecosystem. Developers are often unaware of the dependencies used by their code.
The Scale and Sophistication of the Shai-Hulud 2.0 Attack
Version 2.0, identified in November 2025 as "The Second Coming," showed the speed at which threats spread across the npm ecosystem. The first attack in September 2025 compromised more than 180 npm packages. The new wave in November 2025 affected more than 796 unique npm packages and 1,092 unique versions, impacting projects from Zapier, ENS Domains, PostHog, and Postman.
Credential Theft and Worm Propagation
The attack began with the takeover of developer accounts and the injection of malicious code into popular npm dependencies. The code harvested credentials by targeting:
- GitHub tokens (PATs/Actions secrets)
- npm tokens
- Cloud access keys (AWS, GCP, Azure)
- Other secrets via the Trufflehog tool
The self-propagation mechanism was particularly alarming: using stolen npm tokens, the worm automatically infected additional packages, incremented version numbers, and published them to npm.
A Deliberate Strike on the CI/CD Process and Cloud Environments
The attack was not limited to developers' machines. Around 20% of compromised machines were GitHub runners. The malware detected the CI environment through variables such as GITHUB_ACTIONS or GITLAB_CI.
In CI environments, the payload operated synchronously to keep the runner active. On developers' machines, it ran in the background to avoid raising suspicion.
The malware scraped configuration files and used SDK packages to interact with cloud instance metadata services (IMDS) in order to capture temporary authentication tokens.
Sophisticated Exfiltration and a "Safety Switch"
Unlike earlier attacks, Shai-Hulud 2.0 uses public GitHub repositories for data exfiltration, created using stolen tokens and marked with the description: "Sha1-Hulud: The Second Coming".
The attackers created a defensive mechanism: a dead man's switch. If an infected system loses access to GitHub and npm, the malware triggers a destructive payload, attempting to destroy user data by overwriting disk sectors or using the shred tool.
This tactic makes traditional incident response methods risky — they may lead to data destruction on thousands of infected systems.
OX Security: A Response to Identity-Based Security
Traditional approaches such as SAST (Static Application Security Testing) or DAST reveal their gaps in software supply chain protection. ICWT offers the OX Security platform, designed to address these issues by strengthening identities and CI/CD pipeline policies, rather than relying on the cleanliness of upstream packages.
Comprehensive Visibility and SBOM as the Foundation
OX Security operates as an advanced Software Composition Analysis (SCA) tool, delivering a Software Bill of Materials (SBOM).
It generates an SBOM enriched with contextual metadata — not only is it known which components are present, but also where they are used, whether they are reachable, and whether a fix is available. It provides continuous real-time monitoring of changes in components across repositories, registries, and CI/CD pipelines.
Policy Enforcement in CI/CD
Attacks such as Shai-Hulud 2.0 exploit compromised credentials. OX Security enables protection to be built into DevSecOps pipelines through:
- Blocking risky changes using policy rules in CI/CD pipelines
- Hardening identities and pipeline policies as everyday standards, promoting hardware-based 2FA, short-lived tokens, and disabling install scripts by default in CI
Contextual AI Analysis and Automated Remediation
When the Shai-Hulud attack occurred, OX customers would have seen it immediately on their security dashboards.
The analysis does not rely on simple pattern matching — its AI understands the real implications of package behavior, such as attempts to intercept core browser functions and APIs.
Upon detecting a malicious package, the platform identifies the incident as a Dependency-Chain Hijack and provides clear, automated remediation paths — specific recommendations instead of generic messages.
This protection is built into AI editors and IDEs, which means preventing vulnerabilities before they arise and shifting security left in the software development lifecycle.
Summary: Strengthening Your Organization's Resilience
In an era where 70–90% of code in modern applications comes from open-source dependencies, and attacks are increasingly targeting the takeover of credentials and automation, shared responsibility cannot rely on passively waiting for a patch.
Resilience is achieved by monitoring and strengthening the software development and integration process (CI/CD).
ICWT offers full support in the implementation and optimization of the OX Security platform. Do not let the evolution of threats catch your organization off guard — get in touch to discuss securing the software supply chain and protecting credentials against next-generation attacks.