The Shai Hulud threat actor campaign has evolved beyond planting direct backdoors in workflow files. Attackers are now exploiting misconfigured GitHub Actions triggers — specifically `pull_request_target` and `workflow_run` — in major open-source projects including AsyncAPI, PostHog, and Postman. Vulnerable workflow files were present for weeks before exploitation, and even existing PR-scanning tools failed to catch them. The attack chain allowed malicious npm packages to be published under unexpected usernames like 'codespace' and 'runner.' Recommendations include auditing CI workflow configurations for dangerous trigger patterns, monitoring dependencies for signs of compromise, and using real-time supply chain protection tools.
Table of contents
A quick refresherHow the attacker used GitHub Actions VulnerabilitiesWhat you should know and actions to takeSort: