Supply Chain Attack “Shai-Halud” Targets 477 NPM Packages

A major supply chain attack dubbed “Shai-Halud” has impacted the JavaScript ecosystem by targeting over 477 NPM packages, raising serious concerns among developers and organizations relying on software from the Node Package Manager (NPM) registry.

This incident reveals both the scale and sophistication of modern threats to open-source software and highlights the urgent need for improved security measures within the development community.

Attack Details and Targets

The Shai-Halud campaign was first detected by security researchers who identified suspicious activities linked to CrowdStrike-related NPM packages.

The attackers gained unauthorized access to trusted publisher accounts, allowing them to upload malicious code to hundreds of legitimate packages hosted on NPM.

Some of the compromised packages include crowdstrike-sdk, crowdstrike-client, crowdstrike-api, and several others commonly used for integrating CrowdStrike functionality into security and automation solutions.