Tag
worm
Safeguard articles tagged "worm" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Threat Research
Lessons from Shai-Hulud: The First Self-Propagating npm Worm
In September 2025, npm faced a supply chain attack that spread by itself — stealing developers' tokens, then using them to trojanize the victims' own packages. Here is how it worked.
Jul 8, 20266 min read
Supply Chain
Shai-Hulud: The Self-Replicating npm Worm That Hit 500+ Packages
On September 15, 2025, a self-replicating npm worm dubbed Shai-Hulud backdoored more than 500 packages, including @ctrl/tinycolor and CrowdStrike libraries, by pivoting through stolen publish tokens.
Sep 22, 20256 min read