Attackers Testing New Strain of Shai-Hulud on npm: Aikido

Published: 1 month ago (January 5, 2026 at 10:16 AM EST)

1 min read

Source: DevOps.com

New Strain of Shai‑Hulud Observed in npm Packages

Threat actors behind the virulent Shai-Hulud worm that wreaked havoc in open npm repositories toward the end of 2025 apparently are trying out a new strain that comes with slight modifications. Security researchers with Aikido Security, who have been tracking Shai-Hulud for months, wrote in a report…

Back to Blog

Predictive Maintenance in Industrial Settings: Leveraging IoT and DevOps Practices for Maximum Uptime

In modern industry, keeping machines running nonstop is a challenge. Systems grow more complex each year, yet expectations for reliability never relax. Predicti...

AI is the new Junior Engineer

Real AI gains don’t come from hype or pilots. They come from teams with strong teaching, mentoring and engineering culture already in place....

Best of 2025: How AI Agents are Reshaping the Developer Experience

AI agents are helping to shift developers' focus from long hours of manual coding to high-value problem-solving, architecture and decision-making processes....

Best of 2025: GitHub Action Compromise Risks Data Leaks for 23,000 Repositories

The attacker introduced malicious Python code that would expose secrets like authentication credentials in public repositories....

New Strain of Shai‑Hulud Observed in npm Packages

Related posts

Predictive Maintenance in Industrial Settings: Leveraging IoT and DevOps Practices for Maximum Uptime

AI is the new Junior Engineer

Best of 2025: How AI Agents are Reshaping the Developer Experience

Best of 2025: GitHub Action Compromise Risks Data Leaks for 23,000 Repositories