On November 2, 1988, graduate student Robert Morris released a self-replicating program into the early Internet. Within 24 hours, the Morris worm had infected roughly 10 percent of all connected computers, crashing systems at Harvard, Stanford, NASA, and Lawrence Livermore National Laboratory. The worm exploited security flaws in Unix systems that administrators knew existed but had not bothered to patch.

Morris did not intend to cause damage. He wanted to measure the size of the Internet. But a coding error caused the worm to replicate far faster than expected, and by the time he tried to send instructions for removing it, the network was too clogged to deliver the message.

History may soon repeat itself with a novel new platform: networks of AI agents carrying out instructions from prompts and sharing them with other AI agents, which could spread the instructions further.

Read full article

Comments

© Aurich Lawson | Moltbook

A debilitating infection from the parasitic Guinea worm is inching closer to global eradication, with an all-time low of only 10 human cases reported worldwide in 2025, the Carter Center announced.

If health workers can fully wipe out the worms, it will be only the second human disease to be eradicated, after smallpox.

Guinea worm (Dracunculus medinensis) is a parasitic nematode transmitted in water. More specifically, it's found in waters that contain small crustacean copepods, which harbor the worm's larvae. If a person consumes water contaminated with Guinea worm, the parasites burrow through the intestinal tract and migrate through the body. About a year later, a spaghetti noodle-length worm emerges from a painful blister, usually in the feet or legs. It can take up to eight weeks for the adult worm to fully emerge. To ease the searing pain, infected people may put their blistered limbs in water, allowing the parasite to release more larvae and continue the cycle.

Read full article

Comments

© Getty | Louise Gubb

Trust Wallet users had $8.5 million in crypto assets stolen in a cyberattack linked to the second wave of the Shai-Hulud npm supply chain attack. In a lengthy analysis of the attack, Trust Wallet said attackers used the Shai-Hulud attack to access Trust Wallet’s browser extension source code and Chrome Web Store API key. “Using that access, they were able to prepare a tampered version of the extension with a backdoor designed to collect users’ sensitive wallet data [and] releasing the malicious version to the Chrome Web Store using the leaked (CWS) API key,” the crypto wallet company said. So far Trust Wallet has identified 2,520 wallet addresses affected by the incident and drained by the attackers, totaling approximately $8.5 million in assets. The company said it “has decided to voluntarily reimburse the affected users.” News of the successful attack comes amid reports that threat actors are actively preparing for a third wave of Shai-Hulud attacks.

Trust Wallet Shai-Hulud Attack Detailed

Trust Wallet said “an unauthorized and malicious version” of its Browser Extension (version 2.68) was published to the Chrome Web Store on December 24, “outside of our standard release process (without mandatory review). This version contained malicious code that, when loaded, allowed the attacker to access sensitive wallet data and execute transactions without authorization.” The $8.5 million in assets were associated with 17 wallet addresses controlled by the attacker, but Trust Wallet said the attacker addresses “also drained wallet addresses NOT associated with Trust Wallet and this incident. We are actively tracking other wallet addresses that may have been impacted and will release updated numbers once we have confirmation.” The incident affects only Trust Wallet Browser Extension version 2.68 users who opened the extension and logged in during the affected period of December 24-26. It does not affect mobile app users, users of other Browser Extension versions, or Browser Extension v2.68 users who opened and logged in after December 26 at 11:00 UTC. “If you have received an app push via the Trust Wallet mobile app or you see a security incident banner on your Trust Wallet Browser Extension, you may still be using the compromised wallets,” the company said. Browser Extension v2.68 users who logged into their wallets during the affected period were advised to transfer their funds from any at-risk wallets to a newly created wallet following the company’s instructions and to submit reimbursement claims at https://be-support.trustwallet.com.

White Hat Researchers Limited Damage with DDoS Attacks

The dramatic Trust Wallet attack was met by an equally dramatic response from white hat security researchers, who launched DDoS attacks on the attacker to limit damage, as detailed in the company’s update. Trust Wallet’s Developer GitHub secrets were exposed in the November second-wave attack, which gave the attacker access to the browser extension source code and the API key, allowing builds to be uploaded directly without Trust Wallet's internal approval and manual review. The attacker registered the domain metrics-trustwallet.com “with the intention of hosting malicious code and embedding a reference to that code in their malicious deployment of the Trust Wallet Browser Extension,” the company said. The attacker prepared and uploaded a tampered version of the browser extension using the codebase of an earlier version that they had accessed through the exposed developer GitHub secrets. The attacker published version 2.68 on the Chrome Web Store for review using the leaked CWS key, “and the malicious version was released automatically upon passing Chrome Web Store review approval,” Trust Wallet said. On December 25, the first wallet-draining activity was publicly reported, when 0xAkinator and ZachXBT flagged the issues and identified the attacker's wallet addresses, and partner Hashdit and internal systems “notified us with multiple suspicious alerts.” “White-hat researchers initiated DDoS attacks in an attempt to temporarily disable the attacker's malicious domain, api.metrics-trustwallet.com, helping to minimize further victims,” Trust Wallet said. The company rolled back to a verified clean version (2.67, released as 2.69) and issued urgent upgrade instructions.

Just weeks after the devastating "Second Coming" campaign crippled thousands of development environments, the threat actor behind the Shai-Hulud worm has returned. Security researchers at Aikido have detected a new, evolved strain of the malware dubbed "The Golden Path," signaling that the most aggressive supply chain predator in the npm ecosystem is far from finished.

This latest iteration was first spotted on over the weekend, embedded within the package @vietmoney/react-big-calendar. While the initial discovery suggests the attackers may still be in a "testing" phase with limited spread, the technical refinements found in the code point to a more resilient and cross-platform threat.

Evolution of a Predator

Shai-Hulud has long utilized a Dune-inspired theatrical flair, but its latest evolution suggests a shift in branding. In this new wave, stolen data is exfiltrated to GitHub repositories featuring a cryptic new description: "Goldox-T3chs: Only Happy Girl.

Technically, "The Golden Path" is a significant upgrade. Earlier versions of the worm struggled with Windows environments when attempting to self-propagate using the bun runtime. The new strain specifically addresses this, implementing cross-platform publishing capabilities that ensure the worm can spread regardless of the victim's operating system.

Researchers also noted a shift in file nomenclature—the malware now operates via bun_installer.js and environment_source.js—and features improved error handling for TruffleHog, the secret-scanning tool the worm uses to harvest AWS, GCP, and Azure credentials. By refining its timeout logic, the malware is now less likely to crash during high-latency scans, making its "smash-and-grab" operations more reliable.

A Legacy of Disruption

This isn't Shai-Hulud’s first rodeo. The group first made headlines in September 2025 when a massive campaign hit over 500 npm packages, including those belonging to cybersecurity giant CrowdStrike.

Read: CrowdStrike Among Those Hit in NPM Attack Campaign

That initial strike was historically significant, resulting in the theft of an estimated $50 million in cryptocurrency and proving that even the most security-conscious organizations are vulnerable to upstream dependency hijacking.

In November, the "Second Coming" wave escalated the stakes by introducing a "dead man’s switch"—a destructive payload designed to wipe a user's home directory if the malware detected it had been cut off from its command-and-control (C2) servers.

Read: New Shai-Hulud Attack Hits Nearly 500 npm Packages with 100+ Million Downloads

The Supply Chain Standoff

The return of Shai-Hulud underscores a grim reality for modern DevOps: trust is a liability. By targeting the preinstall phase of npm packages, the malware executes before a developer even realizes a package is malicious.

"The differences in the code suggests that this was obfuscated again from original source, not modified in place," Aikido researchers noted. "This makes it highly unlikely to be a copy-cat, but was made by somebody who had access to the original source code for the worm."

Relying on npm’s default security is no longer sufficient. Organizations are urged to adopt "Trusted Publishing," enforce strict lockfile integrity, and utilize package-aging tools that block the installation of brand-new, unvetted releases. In the world of Shai-Hulud, the only way to survive the desert is to stop trusting the ground beneath your feet.

Amazon Web Services (AWS) has attributed a persistent multi-year cyber espionage campaign targeting Western critical infrastructure, particularly the energy sector, to a group strongly linked with Russia’s Main Intelligence Directorate (GRU), known widely as Sandworm (or APT44).

In a report released Monday, the cloud giant’s threat intelligence teams revealed that the Russian-nexus actor has maintained a "sustained focus" on North American and European critical infrastructure, with operations spanning from 2021 through the present day.

Misconfigured Devices are the Attackers' Gateway

Crucially, the AWS investigation found that the initial successful compromises were not due to any weakness in the AWS platform itself, but rather the exploitation of customer misconfigured devices. The threat actor is exploiting a fundamental failure in network defense, that of, customers failing to properly secure their network edge devices and virtual appliances.

The operation focuses on stealing credentials and establishing long-term persistence, often by compromising third-party network appliance software running on platforms like Amazon Elastic Compute Cloud (EC2).

AWS CISO CJ Moses commented in the report, warning, "Going into 2026, organizations must prioritize securing their network edge devices and monitoring for credential replay attacks to defend against this persistent threat."

Persistence and Credential Theft, Part of the Sandworm Playbook

AWS observed the GRU-linked group employing several key tactics, techniques, and procedures (TTPs) aligned with their historical playbook:

1. Exploiting Misconfigurations: Leveraging customer-side mistakes, particularly in exposed network appliances, to gain initial access.

2. Establishing Persistence: Analyzing network connections to show the actor-controlled IP addresses establishing persistent, long-term connections to the compromised EC2 instances.

3. Credential Harvesting: The ultimate objective is credential theft, enabling the attackers to move laterally across networks and escalate privileges, often targeting the accounts of critical infrastructure operators.

AWS’s analysis of infrastructure overlaps with known Sandworm operations—a group infamous for disruptive attacks like the 2015 and 2016 power grid blackouts in Ukraine—provides high confidence in the attribution.

Recently, threat intelligence company Cyble had detected advanced backdoors targeting the defense systems and the TTPs closely resembled Russia's Sandworm playbook.

Read: Cyble Detects Advanced Backdoor Targeting Defense Systems via Belarus Military Lure

Singular Focus on the Energy Supply Chain

The targeting profile analyzed by AWS' threat intelligence teams demonstrates a calculated and sustained focus on the global energy sector supply chain, including both direct operators and the technology providers that support them:

• Energy Sector: Electric utility organizations, energy providers, and managed security service providers (MSSPs) specializing in energy clients.

• Technology/Cloud Services: Collaboration platforms and source code repositories essential for critical infrastructure development.

• Telecommunications: Telecom providers across multiple regions.

The geographic scope of the targeting is global, encompassing North America, Western and Eastern Europe, and the Middle East, illustrating a strategic objective to gain footholds in the operational technology (OT) and enterprise networks that govern power distribution and energy flow across NATO countries and allies.

From Cloud Edge to Credential Theft

AWS’ telemetry exposed a methodical, five-step campaign flow that leverages customer misconfiguration on cloud-hosted devices to gain initial access:

1. Compromise Customer Network Edge Device hosted on AWS: The attack begins by exploiting customer-side vulnerabilities or misconfigurations in network edge devices (like firewalls or virtual appliances) running on platforms like Amazon EC2.

2. Leverage Native Packet Capture Capability: Once inside, the actor exploits the device's own native functionality to eavesdrop on network traffic.

3. Harvest Credentials from Intercepted Traffic: The crucial step involves stealing usernames and passwords from the intercepted traffic as they pass through the compromised device.

4. Replay Credentials Against Victim Organizations’ Online Services and Infrastructure: The harvested credentials are then "replayed" (used) to access other services, allowing the attackers to pivot from the compromised appliance into the broader victim network.

5. Establish Persistent Access for Lateral Movement: Finally, the actors establish a covert, long-term presence to facilitate lateral movement and further espionage.

Secure the Edge and Stop Credential Replay

AWS has stated that while its infrastructure remains secure, the onus is on customers to correct the foundational security flaws that enable this campaign. The report strongly advises organizations to take immediate action on two fronts:

• Secure Network Edge: Conduct thorough audits and patching of all network appliances and virtual devices exposed to the public internet, ensuring they are configured securely.

• Monitor for Credential Replay: Implement advanced monitoring for indicators of compromise (IOCs) associated with credential replay and theft attacks, which the threat actors are leveraging to move deeper into target environments.

A new Shai-Hulud supply chain attack has hit nearly 500 npm packages with a total of 132 million monthly downloads. The latest campaign follows one in September that infected nearly 200 npm packages with more than 2 billion weekly downloads. The new campaign targeting the packages used to run JavaScript outside of a browser was reported by Aikido and other security firms. Aikido noted that a total of 492 packages have been affected by the self-replicating worm, and more than 25,000 compromised repositories labeled “Sha1-Hulud: The Second Coming” have been created containing sensitive information like passwords, API keys, cloud tokens, and GitHub or npm credentials. “The timing is notable, given npm’s recent announcement that it will revoke classic tokens on December 9 after the wave of supply-chain attacks,” Aikido’s Charlie Eriksen said. “With many users still not migrated to trusted publishing, the attacker seized the moment for one more hit before npm’s deadline.”

Shai-Hulud Attack Affects Packages from Zapier, AsyncAPI and Others

Shai-Hulud, named after the giant sandworms from Dune, is a self-replicating npm worm built to spread quickly through compromised developer environments. The latest attack has hit major npm packages from the likes of Zapier, ENS, AsyncAPI, PostHog, Browserbase, and Postman. “Once it infects a system, it searches for exposed secrets such as API keys and tokens using TruffleHog and publishes anything it finds to a public GitHub repository,” Eriksen said. “It then attempts to push new copies of itself to npm, helping it propagate across the ecosystem, while exfiltrating data back to the attacker.” If a developer installs one of these malcicious packages, the malware runs quietly during installation before anything even finishes installing, giving the malware access to the developer’s machine, build systems, or cloud environment, he said. If stolen secrets include access to code repositories or package registries, attackers can use those secrets to break into additional accounts and publish more malicious packages, spreading the attack even further. “Because trusted ecosystems were involved and millions of downloads are affected, any team using NPM should immediately check whether they were impacted and rotate any credentials that may have leaked,” Eriksen said.

Shai-Hulud Worm Details

Ashish Kurmi of Step Security noted that the latest evolution of the malware “disguises the entire payload as a helpful Bun installer.” The core payload - bun_environment.js - is 10MB and uses “extreme obfuscation techniques,” Kurmi added. These include “a massive hex-encoded string array containing thousands of entries,” an anti-analysis loop “that performs millions of arithmetic operations,” and every string in the code is retrieved through an obfuscated function. The malware delays full execution on developer machines by “forking itself into the background,” Kurmi said. “The user’s terminal returns instantly, giving the illusion of a normal install, while seconds later a completely detached process begins exfiltration.” “It executes a sophisticated, multi-stage pre-install attack that targets both CI/CD runners and developer workstations with equal effectiveness,” Kurmi said. Wiz noted that the malware targets AWS, Azure and Google Cloud Platform (GCP) by “bundling official SDKs to operate independently of host tools.”

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub repository that includes the name “Shai-Hulud.”

“When a developer installs a compromised package, the malware will look for a npm token in the environment,” said Charlie Eriksen, a researcher for the Belgian security firm Aikido. “If it finds it, it will modify the 20 most popular packages that the npm token has access to, copying itself into the package, and publishing a new version.”

At the center of this developing maelstrom are code libraries available on NPM (short for “Node Package Manager”), which acts as a central hub for JavaScript development and provides the latest updates to widely-used JavaScript components.

The Shai-Hulud worm emerged just days after unknown attackers launched a broad phishing campaign that spoofed NPM and asked developers to “update” their multi-factor authentication login options. That attack led to malware being inserted into at least two-dozen NPM code packages, but the outbreak was quickly contained and was narrowly focused on siphoning cryptocurrency payments.

In late August, another compromise of an NPM developer resulted in malware being added to “nx,” an open-source code development toolkit with as many as six million weekly downloads. In the nx compromise, the attackers introduced code that scoured the user’s device for authentication tokens from programmer destinations like GitHub and NPM, as well as SSH and API keys. But instead of sending those stolen credentials to a central server controlled by the attackers, the malicious nx code created a new public repository in the victim’s GitHub account, and published the stolen data there for all the world to see and download.

Last month’s attack on nx did not self-propagate like a worm, but this Shai-Hulud malware does and bundles reconnaissance tools to assist in its spread. Namely, it uses the open-source tool TruffleHog to search for exposed credentials and access tokens on the developer’s machine. It then attempts to create new GitHub actions and publish any stolen secrets.

“Once the first person got compromised, there was no stopping it,” Aikido’s Eriksen told KrebsOnSecurity. He said the first NPM package compromised by this worm appears to have been altered on Sept. 14, around 17:58 UTC.

The security-focused code development platform socket.dev reports the Shai-Halud attack briefly compromised at least 25 NPM code packages managed by CrowdStrike. Socket.dev said the affected packages were quickly removed by the NPM registry.

In a written statement shared with KrebsOnSecurity, CrowdStrike said that after detecting several malicious packages in the public NPM registry, the company swiftly removed them and rotated its keys in public registries.

“These packages are not used in the Falcon sensor, the platform is not impacted and customers remain protected,” the statement reads, referring to the company’s widely-used endpoint threat detection service. “We are working with NPM and conducting a thorough investigation.”

A writeup on the attack from StepSecurity found that for cloud-specific operations, the malware enumerates AWS, Azure and Google Cloud Platform secrets. It also found the entire attack design assumes the victim is working in a Linux or macOS environment, and that it deliberately skips Windows systems.

StepSecurity said Shai-Hulud spreads by using stolen NPM authentication tokens, adding its code to the top 20 packages in the victim’s account.

“This creates a cascading effect where an infected package leads to compromised maintainer credentials, which in turn infects all other packages maintained by that user,” StepSecurity’s Ashish Kurmi wrote.

Eriksen said Shai-Hulud is still propagating, although its spread seems to have waned in recent hours.

“I still see package versions popping up once in a while, but no new packages have been compromised in the last ~6 hours,” Eriksen said. “But that could change now as the east coast starts working. I would think of this attack as a ‘living’ thing almost, like a virus. Because it can lay dormant for a while, and if just one person is suddenly infected by accident, they could restart the spread. Especially if there’s a super-spreader attack.”

For now, it appears that the web address the attackers were using to exfiltrate collected data was disabled due to rate limits, Eriksen said.

Nicholas Weaver is a researcher with the International Computer Science Institute, a nonprofit in Berkeley, Calif. Weaver called the Shai-Hulud worm “a supply chain attack that conducts a supply chain attack.” Weaver said NPM (and all other similar package repositories) need to immediately switch to a publication model that requires explicit human consent for every publication request using a phish-proof 2FA method.

“Anything less means attacks like this are going to continue and become far more common, but switching to a 2FA method would effectively throttle these attacks before they can spread,” Weaver said. “Allowing purely automated processes to update the published packages is now a proven recipe for disaster.”