
EPISODE · Jun 14, 2026 · 25 MIN

Signal//Noise #022 - Another Day, Another Shai-Hulud

from Signal // Noise · host Chris Loehr & Bob Miller

637 malicious npm packages in 22 minutes. Here is what happened, who is at risk, and what to do right now.

On May 19, 2026, the Shai-Hulud supply chain poisoning campaign hit the npm ecosystem again. A single automated publisher account poisoned 317 package names, including high-download AntV and echarts-for-react dependencies, deploying a complete credential theft and self-propagation kill chain against developer workstations and CI/CD pipelines worldwide.

WHAT WE COVER
- How 637 malicious package versions were published in 22 minutes via an automated npm pipeline
- Three payload variants: a lightweight external-ref variant (defeats static scanning), a full-featured embedded credential stealer, and an enhanced worm with self-propagation
- Why the Python dead-drop C2 hiding in GitHub commit search traffic is nearly undetectable
- GitHub's response: 640 packages removed and 61,274 npm tokens invalidated
- Attribution: why SlowMist calls this a probable copycat, and why that matters more than the actor identity

KEY TAKEAWAYS
- npm lifecycle hooks execute with user privileges on install, with no sandbox and no confirmation prompt
- AI coding assistant configuration files are now a viable attacker persistence vector that most security programs do not cover
- Stolen npm OIDC tokens enable self-propagation: your own packages can become infection vectors for your downstream users

ABOUT THE SHOW
Signal // Noise is a cybersecurity podcast where Chris Loehr and Bob Miller break down the latest security incidents, threats, and trends. Subscribe for weekly analysis that helps security professionals and business leaders stay ahead of emerging threats.

RESOURCES
- Original article: https://slowmist.medium.com/threat-intelligence-shai-hulud-supply-chain-poisoning-cloud-credential-theft-and-1b8a3a4edd12
- Microsoft Security Blog (Mini Shai Hulud): https://www.microsoft.com/en-us/security/blog/2026/05/20/mini-shai-hulud-compromised-antv-npm-packages-enable-ci-cd-credential-theft/
- SlowMist MistEye IOC Platform: https://enterprise.misteye.io/threat-intelligence/SM-2026-650212
- SafeDep analysis: https://safedep.io/mini-shai-hulud-strikes-again-314-npm-packages-compromised/
- Endor Labs SLSA forgery: https://www.endorlabs.com/learn/mini-shai-hulud-returns-42-malicious-npm-packages-fake-sigstore-badges-in-antv-ecosystem-attack
- StepSecurity durabletask: https://www.stepsecurity.io/blog/microsofts-durabletask-pypi-package-compromised-in-supply-chain-attack

TAGS
Mini Shai-Hulud, Shai-Hulud npm, supply chain attack, npm malware,



