Shai Hulud Supply Chain Attack Rocks npm Ecosystem, Exploiting GitHub Actions for Widespread Compromise
The npm ecosystem is reeling from the Shai Hulud supply chain attack, which has compromised over 500 packages and 700 versions, marking a significant escalation from theoretical threats to actual damage. Major vendors including Zapier, AsyncAPI, Postman, PostHog, and ENS Domains have been affected, with PostHog confirming a direct compromise via account takeovers. The attack leverages a sophisticated two-stage payload, initiated by a malicious pre-install script (setup_bun.js) added to package.json files. This script stealthily installs or locates the Bun runtime to execute a 10MB obfuscated payload (environment.js) in the background, suppressing all output to evade detection. This highly capable malware then seeks to exfiltrate sensitive data, including environment variables, hard-coded secrets (via trufflehog), and cloud provider API keys (AWS, GCP, Azure) through aggressive regional enumeration, alongside GitHub Action secrets.
Propagation primarily occurs by exploiting compromised GitHub Action workflows, particularly those using on: pull_request_target triggers for external contributions, as detailed in PostHog’s post-mortem. This vulnerability allowed arbitrary code execution in the target repository’s context, leading to the theft of GitHub Personal Access Tokens and npm publishing tokens. Once privileged, the malware manipulates CI environments to achieve root access, hijack DNS configurations to enable man-in-the-middle attacks, and aggressively search for npm tokens to publish poisoned package versions. Data exfiltration uses victim GitHub accounts to create public repositories, uploading triple Base64-encoded JSON files containing stolen credentials to bypass secret scanning. Developers are urged to immediately remove affected packages, delete node_modules folders, and rotate all API keys, tokens, and passwords. This incident underscores the critical importance of securing CI/CD pipelines and understanding execution contexts, highlighting that complex CI configurations, rather than npm fragility alone, represent a primary attack surface for sophisticated actors.
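An added example, not code from the article or from any affected project: a Node.js check for the install-time pattern described above, which flags lifecycle hooks in package.json files and the two file names the article mentions (setup_bun.js, environment.js). The function names, severity labels and sample manifest are assumptions constructed for illustration.

```javascript
// Added example: audit package.json install hooks against the indicators named in the article.
// Only setup_bun.js and environment.js come from the article; all other names are assumptions.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];
const INDICATOR_FILES = ["setup_bun.js", "environment.js"];
// Inspect one package.json given as text. Returns findings; an empty list means no install hooks.
function auditManifest(manifestText, where = "<inline>") {
  let manifest;
  try {
    manifest = JSON.parse(manifestText);
  } catch {
    return [{ where, severity: "error", reason: "unparseable package.json" }];
  }
  const findings = [];
  const scripts = (manifest && typeof manifest.scripts === "object" && manifest.scripts) || {};
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (typeof cmd !== "string") continue;
    const hit = INDICATOR_FILES.find((f) => cmd.includes(f));
    findings.push(hit
      ? { where, hook, cmd, severity: "high", reason: `hook references ${hit}` }
      : { where, hook, cmd, severity: "review", reason: "install-time hook runs code" });
  }
  return findings;
}

// Walk a node_modules tree: audit every package.json and note indicator file names on disk.
async function auditTree(root) {
  const fs = await import("node:fs/promises");
  const path = await import("node:path");
  const findings = [];
  const stack = [root];
  while (stack.length) {
    const dir = stack.pop();
    for (const entry of await fs.readdir(dir, { withFileTypes: true })) {
      const full = path.join(dir, entry.name);
      if (entry.isDirectory()) stack.push(full); // symlinks are not followed, so no loops
      else if (entry.name === "package.json")
        findings.push(...auditManifest(await fs.readFile(full, "utf8"), full));
      else if (INDICATOR_FILES.includes(entry.name)) // common names, so review rather than high
        findings.push({ where: full, severity: "review", reason: "file name matches indicator" });
    }
  }
  return findings;
}

// Constructed sample manifest (not a real package) with the hook pattern the article describes.
const SAMPLE = JSON.stringify({ name: "example-pkg", version: "0.0.0",
  scripts: { preinstall: "node setup_bun.js", test: "jest" } });
console.log(auditManifest(SAMPLE, "example-pkg/package.json"));
```

Calling `auditTree("node_modules")` before deleting the folder records which installed packages carried install hooks, which helps scope the credential rotation.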