Shai-Hulud worm copycats are already hitting online targets just days after the malware’s source code was dumped on GitHub; researchers had warned that copycats would emerge, and they were right. According to Ox Security, at least one threat actor is already using modified versions of the worm in attacks against NPM developers, including a direct clone called chalk-tempalte that stores its own C2 server and private key in npm.
Shai-Hulud first appeared in September 2025 during open‑source supply‑chain attacks, and the malware resurfaced recently, compromising hundreds of NPM packages and potentially affecting thousands of developers: it steals credentials, tokens and API keys and spreads through compromised maintainer accounts. Four identified packages—@deadcode09284814/axios-util, axois-utils, chalk-tempalte and color-style-utils—had more than 2,600 weekly downloads before detection.
One package reportedly goes further and pulls infected systems into a DDoS botnet, suggesting multiple monetisation paths beyond exfiltrating secrets. Threat actors are now pursuing supply‑chain and typosquatting techniques, and the public availability of the source code makes these attacks easier to deploy.