This morning, we were alerted to a large-scale attack against npm. This appears to the be work of the same threat actors behind the Nx attack on August 27th 2025. This was originally published by Socket and StepSecurity who noted 40 packages had been comrpomised, since then an additional 147 packages have been infected with malware including packages from CrowdStrike.
The scale, scope and impact of this attack is significant. The attackers are using the same playbook in large parts as the original attack, but have stepped up their game. They have turned it into a full worm, which does these things automatically:
- Steal secrets and publish them to GitHub publicly
- Run trufflehog and query Cloud metadata endpoints to gather secrets
- Attempt to create a new GitHub action with a data exiltration mechanism through webhook[.]site
- Iterate the repositories on GitHub a user has access to, and make them public
Since our initial alert this morning we’ve confirmed the following additional behaviours and important details. For those that don’t know, Shai Hulud is the name for the worm in the Dune franchise. A clear indication of the intent of the attackers.
Removed by mod
Why do you tell us that?
Removed by mod
Easy there, you’re making a bunch of assumptions and accusations here. For starters, I do understand how spoilers work, I read the spoilers and I don’t think it adds a lot of value to the conversation.
I’m technically from a CS background, but not in the field relevant to this post. I also don’t think people assume this topic to be basic. I happen to understand about 80% of it, but only ever have contact with about 20%, and that’s despite working in a CS-related field myself. And yes, I’ll keep using that abbreviation, because it’s convenient and I know that you understand it.
The short answer to “how does this affect me?” is “if you don’t know what npm is it, it doesn’t affect you”.
The intention of the blog article and the post sharing it is to get a specific warning out to a specific technical group. This group doesn’t want to scroll past three paragraphs of context they already know to get to the parts that matter. They can’t cater to every audience, so they prioritise the people that can do something with their understanding.
Unfortunately, that means that other people are left out of the conversation, because frankly, they have nothing to contribute. That’s neither malice nor arrogance, but simply expediency.
However, you’re welcome to ask! Chances are, someone will be happy to answer and fill you in on the background. More specifically, someone may be able to give a subject-specific explanation. Most importantly, that explanation will be more reliable if it comes from a human familiar with the topic.
Chatbots, no matter how diligently made to look like they know stuff, don’t and can’t know anything except the likelihood certain words occur together. They don’t have the required structure to understand the concepts behind the words. At best, they have memorised hundreds of generic explanations they can reconstruct, and hopefully that reconstruction will be accurate. But how would you know? You yourself don’t have the expertise to tell if they’re right.
And because they don’t understand the concepts, they also can’t reliably connect the dots the way a human can. The more dots to connect, the greater the chance something will go awry. The bot can’t tell you “I don’t know” if it doesn’t understand what it means to know. It will generate a text that looks plausible, and you can’t verify whether it’s actually true.
In the interest of actually getting a useful understanding, ask humans. The answer might look something like this:
NPM packages are boxes of highly specialised supplies and tools. NPM itself is an assistant that keeps your supplies stocked and your tools in shape. You tell it what you want for your project and it’ll make sure you have it.
The thing this post is about is a kind of evil robot that hides in these boxes. When your friendly NPM helper restocks, the robot crawls out of the box and starts exploring your workshop. It tells others what you’re building, what it looks like, shares any secret technology you’re using, creates and sends out copies of your keys – anything you’ve got lying around, it will attempt to make available for the people that built it.
The worst thing is that it’ll build copies of itself and hide them in any boxes you create and send out to other people. If one supplier ships to five others, that’s five more recipients under attack. If two of them also ship out to five other people each, that’s another ten. And it gets bigger and bigger from here.
So there we have it: An evil robot stealing your secrets and sending clones to anyone who trusts your product.
We realise we’re not mundane. We just don’t have the time to explain everything all the time. That’s a problem all sciences (and many other disciplines) face: When you’re working in a deep well, you can’t come up to the surface after every step of your work or you’ll never get anything done.
For CS, it’s probably more visible because the field is fairly young, rapidly changing, pretty large and the “basics” aren’t taught anywhere near as much as those of other, more well-established sciences.
But if you ask, there’s a chance someone is available to help you out. Be friendly, and they’re more likely to be friendly back.
I understand you care about making knowledge accessible and I applaud that. I acknowledge that CS has a long way to go still on that front. Let’s work on it together, shall we?
Kind regards, LVK
Removed by mod
What is the point of posting an LLM response to “what is web development”? Seriously? I don’t get it. If you don’t know and wanted to ask it, fine. But why copypaste it to c/technology?
Removed by mod
I do have a ton more questions, but I’m not sure if I want to ask them.