Shai-Hulud Campaign Evolution: Miasma, Hades, and AI Scanner Evasion
IntroductionSince Zscaler ThreatLabz published its analysis of Shai-Hulud V2 in November 2025, the campaign has continued to evolve in ways that distinguish it from more typical software supply chain attacks. Over the last six months, the activity expanded beyond npm into the Python Package Index (PyPI), shifted from maintainer-focused compromise to CI/CD ... Read More
Shai-Hulud V2 Poses Risk To NPM Supply Chain
IntroductionOn November 24, 2025, security researchers detected a second wave of the Shai-Hulud malware campaign targeting the npm ecosystem. Dubbed The Second Coming by its operators, Shai-Hulud V2 builds upon its predecessor, Shai-Hulud V1, and has established itself as an aggressive software supply chain attack. Within hours of its initial detection, the campaign ... Read More
