Major Incidents: Supply-Chain Attacks Resurge
Shai-Hulud 2.0: Second Wave Hits npm & Maven
- On November 24, 2025, researchers uncovered a second wave of the malware campaign known as Shai-Hulud, targeting the ecosystem of npm and beyond. Hundreds of npm packages, including widely used ones, were trojanized.
- The second wave reportedly compromised over 830 packages, and the infection spread beyond npm, reaching the Maven ecosystem as well.
- Attackers embedded malicious pre-install scripts, delivering a worm-like payload. Once triggered, this payload harvested credentials (npm tokens, GitHub tokens, cloud keys), exfiltrated them, and used them to further contaminate other repositories, sometimes wiping user home directories if persistence failed.
- Some compromised packages were used by major projects (e.g., tools associated with Zapier, PostHog, ENS Domains, Postman), underlining the broad reach and potential impact of the attack.
- The timing of the attack appears deliberate: it coincided with an announcement that npm would soon revoke “classic tokens” (legacy authentication tokens), creating a window of opportunity before many developers migrated to more secure methods.
This resurgence, dubbed by some as “the second coming” of Shai-Hulud, underscores that supply-chain attacks remain a powerful tool for adversaries, and that even after a major initial wave (e.g., in September 2025), attackers are capable of retooling and striking again.
PyPI Under Threat: Domain-Takeover Vulnerabilities Discovered
- November also saw fresh warnings about the risks to PyPI, the Python package registry. Researchers at ReversingLabs identified a vulnerability in legacy Python packages that could allow a domain takeover, i.e. attackers could hijack domains previously used by build or installation scripts, then push malicious updates or packages.
- The root issue lies in how certain build tools and bootstrap scripts are structured: some scripts implicitly trust remote resources or domains, and when those domains expire or are abandoned (a common occurrence for older or unmaintained packages), attackers can register them and hijack installation flows.
- This discovery once again highlights the “hidden risks” in open-source supply chains: even if the code itself hasn’t been altered, the build or install infrastructure (including domain dependencies) can become a vector for compromise.
Broader Trends: Tools, Resilience, and the Evolving Attack Surface
Growth of Defensive Tooling: Better Visibility & Risk Assessment
- In parallel with the rise in attacks, November 2025 also saw attention to defensive innovation. The monthly “open-source cybersecurity tools” roundup spotlighted several tools aimed at improving supply-chain security hygiene – notably Heisenberg, which can perform “software supply chain health checks” by analyzing dependencies, SBOMs, and advisories; and VulnRisk, a vulnerability-risk assessment platform that adds context-aware analysis beyond simple CVSS scores.
- The growth of such tooling reflects a broader shift: as attacks become more stealthy and systemic, organizations must move away from reactive patching and toward proactive, continuous supply-chain monitoring and risk management.
Academic Advances: Detecting Stealthy Backdoors with LLMs
- On the research front, a paper published on November 17, 2025 proposed a novel framework using large-language models (LLMs) to quantitatively assess “high-stealthy backdoor risks” in open-source supply chains. The framework analyzes not only code content, but also repository metadata commit frequency, review patterns, maintainer activity to detect anomalies that may correlate with backdoor insertion.
- This direction is especially pertinent following attacks such as the backdoor incident in XZ Utils (disclosed earlier in 2025), which exploited the development and maintenance process itself to introduce malicious behavior, bypassing defenses oriented only around known CVEs or suspicious code.
- Tools like this that combine code-analysis with maintainer metadata and behavior modeling may become critical as supply-chain threats evolve from overt malware to subtle, long-term infiltration.
Infrastructure & Build-System Risks: A Persistent Weak Spot
- The revelations around PyPI domain-takeover vulnerabilities underscore a recurring theme: build and distribution infrastructure, not just package code, remains one of the most fragile points in open-source supply chains. As highlighted in earlier 2025 analyses, tools like build services for Linux distributions, package registries, and automation systems (CI/CD) often lack the scrutiny applied to application code.
- This weak spot is exacerbated by the sheer scale and complexity of modern software: large applications may use thousands of dependencies, transitively pulling in hundreds of packages for which few maintainers remain active or vigilant.
Implications for Organizations & Risk Management – Relevance to Your Work
For someone with your background (writing about SBOMs, supply-chain transparency, regulatory compliance), these developments carry powerful lessons and practical takeaways:
- SBOMs and dependency inventories are no longer “nice to have” – they are essential. The Shai-Hulud 2.0 incident demonstrates that malicious code can propagate silently through dependencies and dev environments; having a complete SBOM enables quicker identification of affected components and more systematic remediation.
- Beyond CVEs: Need for behavior- and metadata-aware risk assessment. Traditional vulnerability tracking (CVEs, static analysis) is insufficient against stealthy backdoors or infrastructure-level attacks (e.g., domain-takeover on PyPI). Incorporating tools that assess repository health, maintainer activity, and build-system integrity (possibly leveraging LLM-driven heuristics) can significantly improve resilience.
- Secure build and distribution processes are critical. As attacks shift from individual malicious packages to compromising build infrastructure, cloud registries, or bootstrap scripts, organizations must secure not only their source code but also their tooling, CI/CD pipelines, and supply-chain processes.
- Governance & policy frameworks (e.g., for regulatory compliance) must evolve. Given increasing regulatory interest (e.g., upcoming obligations under frameworks like the EU Cyber Resilience Act, or supply-chain demands for medical devices under the U.S. Food and Drug Administration), companies must extend compliance beyond code provenance to include supply-chain hygiene, dependency auditing, and build-process assurance.
- Continuous monitoring and rapid response capabilities are mandatory. In a fast-moving landscape where a second wave of attacks can hit within weeks of the first, organizations need automated tooling, alerting, secret-rotation procedures, and tight controls on publishing and deployment.
November 2025 has reaffirmed a stark reality: open-source software supply chains remain under serious, evolving threat. The resurgence of the Shai-Hulud malware campaign, the discovery of PyPI domain-takeover vulnerabilities, and the rising sophistication of backdoor risks all point to a future in which supply-chain attacks are more frequent, more stealthy, and more damaging.
At the same time, defensive efforts, from new open-source tools like Heisenberg and VulnRisk, to academic research leveraging LLMs for behavior-based risk assessment are gaining ground. For organizations aiming to stay ahead, the path forward demands layered strategies: SBOMs, build-process hardening, continuous monitoring, and governance practices that treat open-source dependencies as critical risk assets.
For your work, in areas such as SBOM innovation, supply-chain risk management, compliance with emerging regulations, and secure software development, November’s events are a wake-up call. They underscore the urgency of embedding supply-chain security into the core of software development lifecycle (SDLC) practices – not as an afterthought, but as a foundational principle.