Malware analysis, threat hunting, and attack investigations
In Frank Herbert's science fiction classic "Dune", Shai-Hulud is the massive sandworm that strikes unpredictably from beneath the sands of the desert planet Arrakis. In 2025, a digital version appeared: the Shai-Hulud Node Package Manager (NPM) worm. This self-replicating malware infiltrates the NPM supply chain, steals credentials, and has caused chaos across numerous repositories. Its second wave (November 21 to 23) is a reminder that vigilance is vital in the open-source world. For developers, DevSecOps engineers, and security leaders who use NPM packages, we recommend taking protective measures as soon as possible.