SecurityHorrors

Stories you never want to feel on your own skin

Mini Shai-Hulud: The Package That Crawled Through CI


Sources:


tldr: Mini Shai-Hulud is an ongoing npm and PyPI supply-chain attack reported by Socket in May 2026. Malicious package versions attempted to steal developer and CI secrets such as GitHub tokens, npm tokens, cloud credentials, Vault tokens, and Kubernetes tokens.

Affected packages and apps

  • Around 205 npm packages were reported affected, plus a small number of PyPI packages.
  • Notable affected npm package families included TanStack packages, OpenSearch packages, and @squawk/* packages.
  • Notable affected PyPI packages included mistralai and guardrails-ai.
  • Socket reported 84 compromised TanStack npm package versions in the May 11, 2026 wave.
  • Check Socket’s full compromised package list and compare against your lockfiles, CI logs, and package manager cache.

What to do

  • Remove affected versions and upgrade to clean releases.
  • Rotate exposed tokens and credentials.
  • Audit CI runners and developer machines that installed affected packages.
  • Review GitHub Actions, npm publishing tokens, cloud credentials, Vault tokens, and Kubernetes tokens.
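As an added example (not code from the original post or from Socket), the comparison step in "Affected packages and apps" and the audit step above can be scripted: the Python below reads a package-lock.json and `pip freeze` output and reports any entry that matches a compromised-version list. The names and versions in COMPROMISED and the sample inputs are constructed placeholders, not Socket's real list.

```python
import json
# Constructed placeholder entries: (ecosystem, name, version). Replace them with
# the entries from Socket's published compromised package list.
COMPROMISED = {
    ("npm", "@example-scope/example-pkg", "1.2.3"),
    ("pypi", "example-pkg", "4.5.6"),
}

def _norm_pypi(name):
    return name.strip().lower().replace("_", "-")  # PyPI: case-insensitive, '-' == '_'

def npm_lock_packages(lock_text):
    """Yield (name, version) pairs from package-lock.json (lockfileVersion 1, 2 or 3)."""
    lock = json.loads(lock_text)
    if "packages" in lock:  # lockfileVersion 2/3: keys are node_modules paths
        for path, meta in lock["packages"].items():
            if path:  # "" is the root project entry, not a dependency
                yield path.split("node_modules/")[-1], meta.get("version")
        return
    def walk(deps):  # lockfileVersion 1: nested "dependencies" tree
        for name, meta in deps.items():
            yield name, meta.get("version")
            yield from walk(meta.get("dependencies", {}))
    yield from walk(lock.get("dependencies", {}))

def pip_freeze_packages(freeze_text):
    """Yield (name, version) pairs from `pip freeze` output or pinned requirements."""
    for line in freeze_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "==" in line:
            name, version = line.split("==", 1)
            yield _norm_pypi(name), version.strip()

def find_compromised(npm_lock_text=None, pip_freeze_text=None, compromised=COMPROMISED):
    """Return the sorted list of compromised (ecosystem, name, version) entries present."""
    wanted = {(e, _norm_pypi(n) if e == "pypi" else n, v) for e, n, v in compromised}
    hits = set()
    for name, version in npm_lock_packages(npm_lock_text) if npm_lock_text else ():
        if ("npm", name, version) in wanted:
            hits.add(("npm", name, version))
    for name, version in pip_freeze_packages(pip_freeze_text) if pip_freeze_text else ():
        if ("pypi", name, version) in wanted:
            hits.add(("pypi", name, version))
    return sorted(hits)

# Constructed sample inputs standing in for a real lockfile and `pip freeze` output.
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {"": {"name": "demo"},
    "node_modules/@example-scope/example-pkg": {"version": "1.2.3"}, "node_modules/left-pad": {"version": "1.3.0"}}})
SAMPLE_FREEZE = "Example_Pkg==4.5.6\nrequests==2.31.0\n"
```

This covers lockfiles and freeze output only; CI logs and the package manager cache still need a separate check.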