Shai-Hulud v2: The "Second Coming" of the npm Worm
In September, we covered the Shai-Hulud worm, a self-replicating attack that exposed just how fragile the npm supply chain can be. But as we know, successful malware rarely stays static. Late November marked the arrival of Shai-Hulud v2, or as its authors rather dramatically titled it, “The Second Coming”. This isn’t just a rerun; it’s a remaster. The new iteration is stealthier, more aggressive, and significantly more dangerous. While v1 was a wake-up call, v2 is a fire drill.