Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Hits the npm Ecosystem
On May 11, 2026, ten malicious versions of official @tanstack/* packages, spanning five packages, were published to npm within six minutes. Each was injected with a 2.3 MB obfuscated payload designed to steal GitHub tokens, npm tokens, and CI/CD secrets. The attack is attributed to the Shai-Hulud self-propagating worm, which hijacks legitimate CI/CD pipelines and uses the stolen tokens to publish compromised versions of additional packages. StepSecurity's OSS Package Security Feed detected the anomaly and confirmed it as a live supply chain attack. Notably, even packages with SLSA provenance and OIDC-based publishing were vulnerable, because the worm rides the legitimate build process rather than breaking into repositories: the malicious versions were produced by the project's own trusted pipeline. Ten malicious versions across five packages in under six minutes illustrates how quickly a single compromised token can cascade through the npm ecosystem.
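The six-minute burst described above is the kind of anomaly a registry-metadata monitor can surface. The following is an added example, not StepSecurity's or TanStack's code: it takes the per-package `time` map that the npm registry exposes, flags any window in which an unusual number of versions land across a scope, and checks a project's package-lock.json against the flagged versions. All package names, versions and timestamps below are constructed placeholders.

```python
"""Flag a burst of npm publishes across a scope. Added example, not StepSecurity's
or TanStack's code; all data below is constructed and versions are placeholders."""
from datetime import datetime, timedelta
# Constructed `time` maps in the shape returned by https://registry.npmjs.org/<package>
SAMPLE_TIMES = {
    "@example/query-core": {
        "created": "2024-01-01T00:00:00.000Z",  # bookkeeping keys, not versions
        "modified": "2026-05-11T10:05:30.000Z",
        "5.0.0": "2025-12-01T12:00:00.000Z",    # normal release months earlier
        "5.0.1": "2026-05-11T10:00:10.000Z",    # part of the burst
        "5.0.2": "2026-05-11T10:03:20.000Z",
    },
    "@example/router": {
        "1.2.0": "2026-01-15T08:00:00.000Z",
        "1.2.1": "2026-05-11T10:01:05.000Z",
        "1.2.2": "2026-05-11T10:04:40.000Z",
    },
    "@example/table": {"8.1.0": "2026-03-02T15:00:00.000Z",
                       "8.1.1": "2026-05-11T10:05:30.000Z"},
}
# Constructed package-lock.json (lockfileVersion 3) fragment for one project.
SAMPLE_LOCK = {"packages": {
    "node_modules/@example/query-core": {"version": "5.0.2"},
    "node_modules/@example/table": {"version": "8.1.0"},
}}

def collect_publishes(times_by_pkg):
    """Sorted (publish time, package, version) tuples, skipping created/modified."""
    return sorted((datetime.fromisoformat(t.replace("Z", "+00:00")), pkg, v)
                  for pkg, times in times_by_pkg.items()
                  for v, t in times.items() if v not in ("created", "modified"))

def find_bursts(times_by_pkg, window=timedelta(minutes=6), min_versions=5):
    """Each burst: (package, version) pairs published within one window, scope-wide."""
    events, bursts, i = collect_publishes(times_by_pkg), [], 0
    while i < len(events):
        j = i
        while j + 1 < len(events) and events[j + 1][0] - events[i][0] <= window:
            j += 1                      # extend the window from the earliest event
        if j - i + 1 >= min_versions:
            bursts.append([(pkg, v) for _, pkg, v in events[i:j + 1]])
            i = j + 1                   # skip past the burst we just recorded
        else:
            i += 1
    return bursts

def pinned_in_burst(lock, bursts):
    """Lockfile entries (name, version) whose pinned version landed in a burst."""
    suspect = {pv for burst in bursts for pv in burst}
    return sorted(k for path, e in lock["packages"].items()
                  if (k := (path.split("node_modules/")[-1], e["version"])) in suspect)
```

Thresholds are per-scope judgement calls: a monorepo that legitimately releases many packages at once needs a higher `min_versions` or a per-publisher baseline to avoid false positives.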