Shai-Hulud / TeamPCP Supply Chain Attack
Summary
Shai-Hulud is a self-replicating supply chain worm attributed to the financially motivated threat group TeamPCP (also tracked as DeadCatx3, PCPcat, ShellForce, CipherForce, and UNC6780 by Google's Threat Intelligence Group). Active since September 2025, the campaign has compromised hundreds of npm and PyPI packages by harvesting CI/CD credentials through malicious preinstall lifecycle hooks, directly enabling the Trust Wallet Chrome extension hack of December 2025 in which approximately $8.5 million was stolen from 2,520 wallets. As of June 2026, the campaign remains active through copycat variants following TeamPCP's public open-sourcing of the worm's source code on May 12–13, 2026.
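Because every wave described here spread through install-time lifecycle hooks, a cheap first triage step for defenders is to list which packages in a dependency tree declare `preinstall`, `install` or `postinstall` scripts at all. The following Python audit is an added example, not code from the page or from any of the vendors it cites; the sample package.json manifests are constructed inline so it runs offline, and the real tree can be walked with `iter_node_modules`.

```python
"""Flag npm packages that declare install-time lifecycle scripts (added example)."""
import json
import os
from typing import Iterator

# Hooks npm runs automatically during `npm install`; Shai-Hulud abused preinstall.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")


def find_install_hooks(manifest: dict) -> dict:
    """Return {hook: command} for every install-time hook a package.json declares."""
    scripts = manifest.get("scripts") or {}
    return {hook: scripts[hook] for hook in INSTALL_HOOKS if hook in scripts}


def audit_manifests(manifests: dict) -> list:
    """Given {path: parsed package.json}, return sorted (package, hook, command) findings."""
    findings = []
    for path, manifest in manifests.items():
        name = manifest.get("name", path)
        for hook, cmd in find_install_hooks(manifest).items():
            findings.append((name, hook, cmd))
    return sorted(findings)


def iter_node_modules(root: str) -> Iterator:
    """Yield (path, manifest) for every readable package.json under a node_modules tree."""
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" in files:
            path = os.path.join(dirpath, "package.json")
            with open(path, encoding="utf-8") as fh:
                try:
                    yield path, json.load(fh)
                except json.JSONDecodeError:
                    continue  # malformed manifest: skip, but a real audit should log it


# Constructed sample manifests; the names and commands are placeholders, not real packages.
SAMPLE_MANIFESTS = {
    "node_modules/plain-lib/package.json": {
        "name": "plain-lib", "scripts": {"test": "jest"}},
    "node_modules/suspicious-pkg/package.json": {
        "name": "suspicious-pkg", "scripts": {"preinstall": "node install-hook.js", "test": "jest"}},
    "node_modules/native-addon/package.json": {
        "name": "native-addon", "scripts": {"postinstall": "node-gyp rebuild"}},
}

if __name__ == "__main__":
    # Every hit deserves a look: legitimate native builds and worm droppers look alike here.
    for name, hook, cmd in audit_manifests(SAMPLE_MANIFESTS):
        print(f"{name}: {hook} -> {cmd}")
```

Setting `ignore-scripts=true` in `.npmrc` blocks these hooks outright in CI, at the cost of breaking packages that genuinely need a postinstall build step, which is exactly what this listing helps you enumerate first.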
Timeline (14 events)
2025-09-01
Original Shai-Hulud worm first detected in the npm ecosystem; 500+ packages compromised via malicious preinstall hooks; credentials harvested from 25,000+ GitHub repositories.
Source: Unit 42 / The npm Threat Landscape
2025-11-24
Shai-Hulud 2.0 peak activity: 640+ npm packages infected within days; 25,000+ data-leaking GitHub repositories created; Zapier, PostHog, and Postman developer tooling among affected parties.
Source: SecurityWeek
2025-12-08
Attacker registers domain metrics-trustwallet[.]com in preparation for Trust Wallet extension compromise.
Source: SlowMist Christmas Heist Analysis
2025-12-09
Microsoft Security Blog publishes formal Shai-Hulud 2.0 detection, investigation, and defense guidance.
Source: Microsoft Security Blog
2025-12-24
Malicious Trust Wallet Chrome extension v2.68 published at 12:32 PM UTC using stolen Chrome Web Store API key; active wallet mnemonic harvesting begins.
Source: Trust Wallet official incident update
2025-12-25
Security researchers publicly report wallet drains; Trust Wallet acknowledges incident.
Source: The Hacker News
2025-12-26
Malicious Trust Wallet extension exfiltration window closes at 11:00 UTC; Trust Wallet releases clean version 2.69; reimbursement process initiated. Final loss: approximately $8.5 million across 2,520 wallets.
Source: CoinDesk
2025-12-28
Shai-Hulud 3.0 'The Golden Path' variant discovered by researcher Charlie Eriksen propagating via @vietmoney/react-big-calendar@0.26.2; dead-man's switch removed from this variant.
Source: Snyk
2026-04-22
Bitwarden CLI @bitwarden/cli@2026.4.0 compromised for approximately 93 minutes via backdoored Checkmarx GitHub Actions workflow; 334 developer downloads of the malicious version; payload embedded string 'Shai-Hulud: The Third Coming'.
Source: The Hacker News
2026-04-29
Mini Shai-Hulud targets SAP CAP ecosystem: @cap-js/sqlite, @cap-js/postgres, @cap-js/db-service, and mbt packages compromised (~570,000 combined weekly downloads).
Source: Dark Reading
2026-05-11
Mini Shai-Hulud Wave 2 begins at 19:20 UTC: 84 malicious @tanstack package versions published in 6 minutes via GitHub Actions pwn request and OIDC token extraction; worm propagates to 172 unique packages / 403 malicious versions across npm and PyPI within 48 hours. CVE-2026-45321 (CVSS 9.6) assigned.
Source: StepSecurity
2026-05-12
TeamPCP publishes Shai-Hulud worm source code to GitHub under MIT License: 'Open Sourcing The Carnage.' Copycat forks and clone packages begin appearing within hours.
Source: The Register
2026-05-19
Mini Shai-Hulud Wave 3: Compromised @antv maintainer account used to publish 639 malicious versions across 323 packages in ~22 minutes (~16 million weekly downloads); largest single-hour package count of any documented Shai-Hulud wave.
Source: Snyk / Wiz
2026-06-01
At least 32 packages in the @redhat-cloud-services npm namespace reported compromised via a backdoored GitHub Actions workflow distributing Miasma, assessed as a Shai-Hulud derivative by Unit 42.
Source: Unit 42 / SANS ISC
Decision Log
- hash: BcLDNkm3DoLserLEWTzFXBGrGrJ3bCoZpXZ6nPUebgm
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-code-investigator
generated: 6/2/2026, 8:04:17 PM
last updated: 6/2/2026, 8:05:03 PM
avoid.net — verified advice for a post-truth world