securityaffairs.com via Reddit

Ox Security flags npm copycat attacks after Shai-Hulud leak

Key insights

  • Within 72 hours of TeamPCP open-sourcing Shai-Hulud, at least three distinct copycat campaigns targeted npm package maintainers.
  • The worm's GitHub Actions OAuth hijacking technique grants persistent pipeline access without stealing developer credentials directly.
  • Ox Security identified the copycat operations before broader disclosure, suggesting active threat intelligence monitoring of the npm ecosystem.

Why this matters

The 72-hour copycat timeline establishes a new benchmark for how quickly leaked offensive tooling gets operationalized against software supply chains, compressing the window defenders have to respond after any source code disclosure. For AI practitioners and founders relying on npm packages in their CI/CD pipelines, the GitHub Actions OAuth hijacking vector means a compromised upstream maintainer can silently backdoor production dependencies without triggering standard credential-theft detections. The dead-man's switch disk-wiper component shifts the threat profile from espionage to potential mass destruction, forcing security teams to treat npm dependency updates as a live incident surface rather than routine maintenance.

Summary

Three copycat operations are now running supply chain attacks against npm package maintainers, all built from the Shai-Hulud worm source code that TeamPCP open-sourced on GitHub less than a week ago. Ox Security tracked modified variants appearing within 72 hours of the code dump. The toolkit includes GitHub Actions OAuth hijacking and a dead-man's switch disk-wiper, which means the bar to run these attacks has dropped to copy-paste level. Any attacker with basic modification skills can now deploy the same techniques used in the original wave. Essentially, TeamPCP and Ox Security are on opposite ends of a weaponized open-source release that the broader attacker community is already exploiting.

  • Three distinct copycat campaigns confirmed, targeting a new pool of npm package maintainers.
  • GitHub Actions OAuth hijacking grants persistent access to package publishing pipelines without credential theft.
  • The dead-man's switch disk-wiper adds destructive capability that raises incident response costs if attackers lose control of infrastructure.

Supply chain attack tooling is now effectively open source, and the npm ecosystem is absorbing the first wave of consequences.

Potential risks and opportunities

Risks

  • npm maintainers of high-download packages could unknowingly publish backdoored versions affecting millions of downstream users before Ox Security or GitHub detection catches the modification
  • Organizations that do not rotate GitHub Actions OAuth tokens in the next 30 days may already have persistent attacker footholds in their CI/CD pipelines from the original or copycat wave
  • If defenders take down attacker infrastructure without first disabling the dead-man's switch, the disk-wiper could trigger mass data destruction events at targeted organizations during the response window

Opportunities

  • Supply chain security vendors Socket.dev, Snyk, and Chainguard gain immediate budget leverage as npm-dependent engineering teams seek automated package integrity and provenance monitoring
  • Ox Security's early detection of all three copycat campaigns positions it for enterprise contracts with organizations running heavy npm dependencies in production AI pipelines
  • GitHub could accelerate its npm provenance attestation roadmap in response, opening procurement opportunities for signing infrastructure vendors built on Sigstore and Fulcio

What we don't know yet

  • Whether the three identified copycat groups have been attributed to known threat actors or remain unlinked to any prior campaigns
  • Which specific high-download npm packages are currently at risk or already compromised, given Ox Security has not published a public indicators-of-compromise list
  • Whether GitHub has revoked OAuth tokens generated through the hijacking technique or issued mitigations for the Actions workflow vector exploited by Shai-Hulud