Shai-Hulud v2 Infects npm and Maven: Global Supply-Chain Attack Exposes Over 11,000 Secrets

27.11.2025 2 minutes Author: Newsman

The second wave of the Shai-Hulud attack has reached the Maven ecosystem: malicious packages first published to npm are now being mirrored into Java artifacts, and the campaign has already stolen thousands of secrets, making it one of the most impactful supply-chain breaches of 2025.

The large-scale Shai-Hulud campaign, whose first wave appeared in September, has in its second wave (v2) spread beyond the JavaScript ecosystem into Maven Central. The Socket Research Team identified a Maven package, org.mvnpm:posthog-node:4.18.1, containing both components of the Shai-Hulud payload: the Bun installer setup_bun.js and the primary backdoor bun_environment.js. The package was not published by PostHog; it was generated automatically by mvnpm, a service that mirrors npm packages as Maven artifacts, so a trojanized npm release is republished to Maven without any further action by the attackers.
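The local indicator check a practitioner would want for the package described above, as an added example that is not part of the article and not code from Socket, PostHog or mvnpm. It assumes only the two file names the article reports (setup_bun.js and bun_environment.js); the sample node_modules tree, the package names and versions in it, and the lifecycle-hook heuristic are constructed for this demonstration.

```shell
#!/bin/sh
# Added example, not from the article or from Socket, PostHog or mvnpm: a local
# indicator scan for the two payload file names the article reports,
# setup_bun.js and bun_environment.js, across an npm node_modules tree and a
# Maven jar cache. The sample packages below are constructed here so the scan
# runs offline; their file contents are placeholders, not the real payload.
set -eu

ROOT="$(mktemp -d)"
trap 'rm -rf "$ROOT"' EXIT

# Constructed sample tree: one clean package, one carrying the two indicator files.
mkdir -p "$ROOT/node_modules/left-pad" "$ROOT/node_modules/posthog-node"
cat > "$ROOT/node_modules/left-pad/package.json" <<'EOF'
{ "name": "left-pad", "version": "1.3.0", "main": "index.js" }
EOF
echo 'module.exports = function () {};' > "$ROOT/node_modules/left-pad/index.js"

cat > "$ROOT/node_modules/posthog-node/package.json" <<'EOF'
{
  "name": "posthog-node",
  "version": "4.18.1",
  "scripts": { "preinstall": "node setup_bun.js" }
}
EOF
echo '// placeholder standing in for the dropper' > "$ROOT/node_modules/posthog-node/setup_bun.js"
echo '// placeholder standing in for the backdoor' > "$ROOT/node_modules/posthog-node/bun_environment.js"

# scan_tree DIR -> one path per line for every file named like a payload component.
scan_tree() {
  find "$1" -type f \( -name setup_bun.js -o -name bun_environment.js \) | sort
}

# count_hits DIR -> number of indicator files under DIR, printed so it can be asserted on.
count_hits() {
  scan_tree "$1" | grep -c . || true
}

# package_id DIR -> "name@version" read from DIR/package.json with sed (no jq dependency).
package_id() {
  pj="$1/package.json"
  [ -f "$pj" ] || { echo "unknown@unknown"; return 0; }
  name=$(sed -n 's/.*"name"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$pj" | head -n 1)
  ver=$(sed -n 's/.*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$pj" | head -n 1)
  echo "${name:-unknown}@${ver:-unknown}"
}

# hooks_dropper DIR -> exit 0 when an npm lifecycle script in DIR/package.json runs
# setup_bun.js. Assumption for this example: the dropper is wired through such a
# hook; the article names the file but does not say how it is launched.
hooks_dropper() {
  pj="$1/package.json"
  [ -f "$pj" ] && grep -Eq '"(pre|post)?install"[[:space:]]*:[[:space:]]*"[^"]*setup_bun\.js' "$pj"
}

# report_tree DIR -> one "HIT:" line per indicator file, with the enclosing package id
# and a note when a lifecycle script in that package launches the dropper.
report_tree() {
  while IFS= read -r f; do
    [ -n "$f" ] || continue
    pkgdir=$(dirname "$f")
    flag=""
    hooks_dropper "$pkgdir" && flag=" (lifecycle script runs setup_bun.js)"
    echo "HIT: $(package_id "$pkgdir") -> $f$flag"
  done <<EOF
$(scan_tree "$1")
EOF
}

# scan_jars DIR -> "jar: entry" for every jar under DIR (for example ~/.m2/repository)
# whose entry list contains a payload file name. Matching on the basename keeps the
# check independent of how mvnpm lays the npm files out inside the jar.
scan_jars() {
  command -v unzip >/dev/null 2>&1 || { echo "unzip not found, skipping jar scan" >&2; return 0; }
  find "$1" -type f -name '*.jar' | while IFS= read -r jar; do
    unzip -Z1 "$jar" 2>/dev/null | grep -E '(^|/)(setup_bun|bun_environment)\.js$' | sed "s|^|$jar: |" || true
  done
}

echo "npm scan of $ROOT/node_modules: $(count_hits "$ROOT/node_modules") indicator file(s)"
report_tree "$ROOT/node_modules"
scan_jars "$ROOT"   # the constructed tree holds no jars, so this prints nothing
```

Point scan_tree and report_tree at a real node_modules directory and scan_jars at ~/.m2/repository to run the check for real; a hit on either file name is reason to treat every token and credential the host could reach as exposed, not just the one package.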

The attack targets developers and CI/CD environments, stealing API keys, GitHub and npm tokens, and cloud credentials. The attackers gained access to npm maintainer accounts and used them to publish trojanized versions of widely used libraries. According to researchers, the breach affected more than 28,000 repositories and exposed 11,858 unique secrets, of which 2,298 were still valid as of November 24, 2025.

Shai-Hulud v2 introduces significant upgrades: it raises the infection limit per compromised maintainer account from 20 to 100 packages, runs its logic under the separately downloaded Bun runtime rather than Node.js to hide it from tooling that only watches Node, and exfiltrates stolen secrets to public GitHub repositories with randomly generated names, all of which make detection far more difficult.

  • The Shai-Hulud attack continues a broader wave of supply-chain compromises that began with the S1ngularity campaign in August 2025. Threat actors are abusing misconfigured GitHub Actions workflows, particularly ones triggered on pull_request_target and workflow_run: these run with the base repository's secrets and write token, so a workflow that checks out and executes code from an untrusted pull request hands attacker-supplied code those privileges inside the CI pipeline. A single vulnerable repository can act as "patient zero": credentials harvested there are used to publish trojanized packages, which in turn infect the build systems of every project that installs them.

  • Affected projects include AsyncAPI, PostHog, and Postman, whose CI processes were leveraged as entry points. Once installed, the trojanized libraries backdoor developer machines by registering them as GitHub self-hosted runners, which lets the attacker execute arbitrary commands on the host through workflow runs, harvest its secrets, and compromise further packages downstream.
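The GitHub Actions misconfiguration described in the first bullet above, as an added example that is not part of the article and not a workflow from any of the projects it names: a vulnerable workflow beside a hardened one, plus a grep-based audit that flags the risky combination. The workflow contents, the directory layout and the matching heuristic are constructed for this demonstration and are assumptions, not anything the article shows.

```shell
#!/bin/sh
# Added example, not from the article or any of the projects it names: the
# GitHub Actions misconfiguration the article describes, shown as a vulnerable
# workflow beside a hardened one, plus a grep-based audit that flags the
# vulnerable pattern. Both workflow files are constructed here so the check
# runs offline against a temp directory.
set -eu

WORKDIR="$(mktemp -d)"
trap 'rm -rf "$WORKDIR"' EXIT
mkdir -p "$WORKDIR/.github/workflows"

# Constructed sample 1, vulnerable: pull_request_target runs in the base
# repository's context (secrets available, write token), yet the job checks out
# the pull request head and runs its package scripts. A fork that edits
# package.json or a test file gets its code executed with those privileges.
cat > "$WORKDIR/.github/workflows/vulnerable.yml" <<'EOF'
name: ci
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm test
EOF

# Constructed sample 2, hardened: the plain pull_request trigger gives a fork a
# read-only token and no repository secrets, so running the PR's code is
# contained, and the workflow's permissions are pinned to read as well.
cat > "$WORKDIR/.github/workflows/hardened.yml" <<'EOF'
name: ci
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test
EOF

# audit_workflow FILE -> prints a verdict; exit 1 when FILE uses a privileged
# trigger (pull_request_target or workflow_run, written in block form) and also
# references the untrusted head of that event, which is the dangerous pairing.
# Triggers written inline, e.g. "on: [pull_request_target]", are not matched.
audit_workflow() {
  f="$1"
  if grep -Eq '^[[:space:]]*(pull_request_target|workflow_run)[[:space:]]*:' "$f" &&
     grep -Eq 'github\.event\.(pull_request|workflow_run)\.[a-z_]*head' "$f"; then
    echo "RISK: $f runs attacker-controlled code under a privileged trigger"
    return 1
  fi
  echo "ok:   $f"
  return 0
}

# audit_dir DIR -> audits every workflow under DIR/.github/workflows, printing a
# verdict per file and, as the last line, the number of risky files.
audit_dir() {
  risky=0
  for wf in "$1"/.github/workflows/*.yml "$1"/.github/workflows/*.yaml; do
    [ -f "$wf" ] || continue
    audit_workflow "$wf" || risky=$((risky + 1))
  done
  echo "$risky"
}

audit_dir "$WORKDIR"
```

The audit is deliberately a text heuristic: it catches the common shape of the bug (privileged trigger plus checkout of the event's head ref) but not every variant, so a clean result is a reason to review the workflow by hand, not a proof that it is safe. Keeping pull_request_target is acceptable only when the workflow never checks out or executes anything from the pull request.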

Shai-Hulud v2 underscores the fragility of the modern software supply chain: a single compromised account or package can trigger a cascade that infects thousands of projects. Experts warn that the core issue is not zero-day exploits but structural weaknesses in open-source publishing and CI/CD pipelines. Developers are urged to rotate every credential that an affected machine or pipeline could reach, purge compromised dependencies, and harden their automation workflows.
