1208 points jamesberthoty | 3 comments
gchamonlive No.45260844
We've seen many reports of supply chain attacks affecting NPM. Are these symptoms of operational complexity, which can affect any such service, or is there something fundamentally wrong with NPM?
replies(10): >>45260897 #>>45260900 #>>45260903 #>>45260982 #>>45261023 #>>45261089 #>>45261173 #>>45261189 #>>45261245 #>>45268913 #
dist-epoch No.45260897
It's just where the users and the juicy targets are.

NPM packages are used by huge Electron apps like Discord, Slack, VS Code, the holy grail would be to somehow slip something inside them.

replies(5): >>45260907 #>>45260947 #>>45260963 #>>45261266 #>>45261269 #
1. LeifCarrotson No.45261266
It's both that and a culture of installing a myriad of constantly-updating, tiny libraries to do basic utility functions. (Not even libraries, they're more like individual pages in individual books).

In our line-of-business .NET app, we have a logger, a database, a unit tester, and a driver for some specialty hardware. We upgrade to the latest version of each external dependency about once per year (every major version) to avoid accruing tech debt. They're all pinned and locally hosted; NuGet exists, but we (like most .NET developers) don't use it to the extent that npm devs do. We read the changelogs - all four of them! - and manually update.

I understand that the NPM ecosystem works differently from a "batteries included" .NET environment for a desktop app, but it's not just about where the users are. Line-of-business code in .NET and Java apps processes a lot of important data. Slipping a malicious package into PyPI could expose all kinds of juicy, proprietary data, but again, it's less about the existence of a package manager and more about when and how you use it.

replies(1): >>45263106 #
2. dist-epoch No.45263106
> Slipping a malicious package into pypi could expose all kinds of juicy, proprietary data

> In July 2024, Bittensor users were the victims of an $8 million hack. The Bittensor hack was an example of a supply chain hack using PyPI. PyPI is a site that hosts packages for the Python programming language

https://www.halborn.com/blog/post/explained-the-bittensor-ha...

replies(1): >>45265722 #
3. LeifCarrotson No.45265722
Yes, there are hackers on every platform... but it feels like there's an NPM compromise announced about once a week.