How Checkmarx Defends Against the Shai-Hulud Second Coming Malicious Package Campaign
2025-11-30 05:49:1 Author: checkmarx.com (view original)

On 24 November 2025, news broke of a major attack against the NPM open-source package repository, the primary source of open-source software dependencies used by JavaScript and TypeScript applications. And of course, Checkmarx responded rapidly to keep our customers safe. This attack was an aggressive and stealthy enhancement of the previous Shai-Hulud attack; the attackers called this a “Second Coming” of Shai-Hulud, the fictional great worm from the Dune science-fiction novels. 

This malicious package campaign created a self-replicating “worm” that:

  1. Steals GitHub, NPM, and related credentials from developer workstations and CI/CD environments. 
  2. Uses those credentials to infect other npm packages (over 770 as of this writing) and GitHub repositories (over 27,000 as of this writing), allowing the malicious code to spread on its own. 
  3. Deletes user directories (also known as home directories) if it is unable to successfully harvest credentials, causing damage to developer workstations, failed builds, and the associated lost productivity. 

The Checkmarx Zero security research team is continuously identifying potentially affected packages and, when they are verified to be malicious, adding them to our Malicious Package Protection (MPP) system. Our customers who use MPP are alerted if any of their applications consume one of the infected package versions, so that security teams can respond quickly to address the threat.

And customers who adopt the Malicious Package Identification API (MPIAPI) as a proactive defense can actively block the installation of package versions infected with Shai-Hulud or the Shai-Hulud Second Coming, preventing the compromise from occurring in the first place.  

These defenses are possible because Checkmarx maintains the world’s largest human-verified database of malicious open-source packages. 

Malicious Packages: The Exploit That Installs Itself 

Everyone worries about vulnerabilities, but malicious packages are unique in that they don’t wait to be exploited – they are the exploit. 

When you think of software supply chain threats, vulnerabilities also come to mind: legitimate open-source packages with hidden weaknesses that attackers can exploit. But these flaws require a trigger – an attacker, a campaign, a moment of exploitation – before they do any harm.

Malicious packages are different. 
They’re the attacker’s code, published directly into public repositories like npm or PyPI, but disguised as legitimate software. The moment they’re installed, they execute harmful code inside your environment, no exploit needed. These packages can exfiltrate credentials, steal data, or establish persistent access before you even know they’re there. 

That’s what makes malicious packages the most insidious threat in modern software development: they bypass traditional vulnerability scanners because they embed the attacker directly into your supply chain. 

Malicious Packages Are Everyone’s Problem 

Malicious packages aren’t just a developer mistake or a DevOps oversight – they’re a business risk. Once installed, they can: 

  • Exfiltrate sensitive data and credentials 
  • Compromise systems and CI/CD pipelines 
  • Leak intellectual property 
  • Disrupt operations and introduce backdoors 
  • Damage customer trust and your organization’s reputation 
  • Trigger regulatory and compliance violations 

In a hyperconnected ecosystem, one malicious dependency can cascade across partners, customers, and entire industries. 

Proactive Defense With Checkmarx Malicious Package Protection 

The best defense against malicious packages is to detect and block them before they ever enter your environment. 

Checkmarx Malicious Package Protection (MPP) provides complete, automated protection that fits seamlessly into existing workflows: 

  • Within Checkmarx Software Composition Analysis (SCA): Customers receive automated alerts whenever a malicious package is detected, along with safe, vetted alternatives. 
  • Through the Checkmarx Malicious Package Identification API: 
    Teams can integrate detection at key checkpoints. This provides full flexibility to be protected even within a team’s own processes and pipelines: 
    – Before downloading from public repositories (npm, Maven Central, etc.) 
    – Before adding or retrieving from private registries 
    – During SCA scans of existing dependencies 
    – In CI/CD build stages, prior to installation 
  • Within Checkmarx AI Developer Assist: Developers are shielded directly in their IDE, ensuring they never inadvertently import malicious open-source dependencies. 

This multilayered approach ensures your pipelines, developers, and software assets stay protected at every stage of the software lifecycle. 

Built on the World’s Largest Malicious Package Database 

Effectiveness depends on intelligence, and Checkmarx leads with the world’s largest malicious package database, powered by years of research and continuous monitoring.

  • Over 410,000 malicious packages identified across 92.8 million versions
  • Coverage across ecosystems including PyPI, npm, RubyGems, NuGet, and Maven Central
  • Powered by advanced automation and Checkmarx Zero, our dedicated research team, which manually validates every package before inclusion

This unparalleled intelligence ensures accuracy, reliability, and confidence when identifying emerging threats before they become public. 

Stay Ahead of the Next Attack 

The difference between containing the attack and being compromised comes down to proactive visibility and automated prevention. Checkmarx Malicious Package Protection enables you to stay ahead of attackers, protect your software supply chain, and empower developers to innovate safely. 

Want to learn more about how Checkmarx can protect your organization against the next attack? Contact us or see it in action.

Learn more about Checkmarx Malicious Package Protection 

Explore Checkmarx Security Research website 


Source: https://checkmarx.com/blog/how-checkmarx-defends-against-the-shai-hulud-second-coming-malicious-package-campaign/