Shai-Hulud-like npm Worm Attack

A research team has discovered at least 19 malicious npm packages built to steal developer and CI/CD secrets and to propagate automatically through repositories and workflows, indicating that a new supply chain worm is actively targeting the npm ecosystem. The campaign, known as SANDWORMMODE, uses typosquatted npm packages and tainted GitHub Actions to infect CI pipelines and developer machines. Publishing under two npm publisher aliases, the attackers impersonated well-known Node.js utilities and AI coding tools.

The malicious packages keep their expected functionality and look normal, but once imported they covertly run a multi-stage JavaScript payload. Its stages are:

- Carrier injection: uses the GitHub API to add a hidden "carrier" dependency to publicly accessible repositories.
- File modification: adds malicious changes to package.json and lockfiles.
- Workflow injection: adds malicious GitHub workflows to the compromised repositories.
- Auto-merge attempts: tries to auto-merge the resulting pull requests so the changes appear legitimate.
- Targeting AI tools: AI coding tools are another target of the worm.
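A defender-side check for the three repository-level behaviours described above (a dependency slipped into package.json, a tampered lockfile, an injected workflow file), written as an added example that is not code from the report or from the campaign. It compares two constructed snapshots of a repository; the package name, lockfile layout (npm lockfileVersion 2/3) and trusted-registry host are assumptions for the example.

```javascript
// Added example: audit a repository change for the worm behaviours described in the text.
// All data below is constructed; "example-carrier-pkg" is a placeholder, not a real package.
const REGISTRY_HOST = 'registry.npmjs.org'; // assumption: the only registry packages should resolve from

function depNames(pkg) {
  return new Set([...Object.keys(pkg.dependencies || {}), ...Object.keys(pkg.devDependencies || {})]);
}

// Returns findings for dependencies/workflows that appeared between two snapshots,
// plus lockfile entries that disagree with the manifest or resolve off-registry.
function auditChange(before, after) {
  const findings = [];
  const known = depNames(before.packageJson);
  const declared = depNames(after.packageJson);
  for (const name of declared) if (!known.has(name)) findings.push({ kind: 'new-dependency', name });

  // Lockfile root entry ("" key in lockfileVersion 2/3) must match what package.json declares.
  const root = (after.lockfile.packages || {})[''] || {};
  for (const name of depNames(root)) if (!declared.has(name)) findings.push({ kind: 'lock-manifest-mismatch', name });

  // Any package resolving outside the trusted registry is a tampered-lockfile signal.
  for (const [path, entry] of Object.entries(after.lockfile.packages || {})) {
    if (path === '' || !entry.resolved) continue;
    let host = null;
    try { host = new URL(entry.resolved).host; } catch (e) { /* unparsable URL stays null and is flagged */ }
    if (host !== REGISTRY_HOST) {
      findings.push({ kind: 'foreign-resolved', name: path.replace(/^.*node_modules\//, ''), resolved: entry.resolved });
    }
  }

  // Workflow files that did not exist before are the "workflow injection" stage.
  const oldWorkflows = new Set(before.workflows);
  for (const wf of after.workflows) {
    if (wf.startsWith('.github/workflows/') && !oldWorkflows.has(wf)) findings.push({ kind: 'new-workflow', path: wf });
  }
  return findings;
}

const EXPRESS_LOCK = { version: '4.18.2', resolved: 'https://registry.npmjs.org/express/-/express-4.18.2.tgz' };
const SAMPLE_BEFORE = { // constructed clean snapshot
  packageJson: { dependencies: { express: '^4.18.2' } },
  lockfile: { lockfileVersion: 3, packages: { '': { dependencies: { express: '^4.18.2' } }, 'node_modules/express': EXPRESS_LOCK } },
  workflows: ['.github/workflows/ci.yml'],
};
const SAMPLE_AFTER = { // constructed snapshot with a carrier dependency, off-registry tarball and new workflow
  packageJson: { dependencies: { express: '^4.18.2', 'example-carrier-pkg': '^1.0.0' } },
  lockfile: { lockfileVersion: 3, packages: {
    '': { dependencies: { express: '^4.18.2', 'example-carrier-pkg': '^1.0.0' } },
    'node_modules/express': EXPRESS_LOCK,
    'node_modules/example-carrier-pkg': { version: '1.0.0', resolved: 'https://mirror.example.invalid/example-carrier-pkg-1.0.0.tgz' },
  } },
  workflows: ['.github/workflows/ci.yml', '.github/workflows/publish-helper.yml'],
};
console.log(auditChange(SAMPLE_BEFORE, SAMPLE_AFTER));
```

In a real pipeline the two snapshots would come from the base and head commits of a pull request, so the check runs before any auto-merge can land the change.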