SECURITYWEEK reports a new supply chain attack called Sandworm_Mode worming through the NPM registry, with the malicious code propagating like a worm and exfiltrating secrets while including a configurable dead switch that can wipe home directories if GitHub or NPM access is lost. The campaign was deployed through 19 packages published under two aliases that relied on typosquatting to deceive developers into running the code, and all of the packages have since been removed from the registry.
Security researchers say the attack bears the hallmarks of the Shai-Hulud campaign that hit hundreds of NPM packages in 2025, and it relies on stolen NPM and GitHub credentials for propagation, plus a weaponised GitHub Action to harvest and exfiltrate CI secrets and inject dependencies and workflows.
The operation is multi-stage: it begins with credential and crypto key exfiltration, continues with deep harvesting of secrets from password managers and environment variables, and then expands its reach through worm propagation and multi-channel exfiltration. EndorLabs explains that Sandworm_Mode can also propagate by infecting carrier packages and can harvest all repository secrets, and the article relays guidance for developers to remove the malicious packages, rotate credentials, and check for unexpected workflows.
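Since the campaign injects workflows and dependencies into repositories it reaches, one practical check is to diff a repository's workflow directory and package.json against a known-good baseline. The following is an added example, not code from the article or from any of the vendors it cites; the baseline values, file names and the "sync-secrets.yml" / "expres" entries are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Constructed baseline of what the repository is expected to contain
# (hypothetical values for illustration, not indicators from the article).
EXPECTED_WORKFLOWS = {"ci.yml", "release.yml"}
EXPECTED_DEPS = {"express": "^4.19.0", "lodash": "^4.17.21"}


def audit_workflows(workflow_dir: Path, expected: set) -> list:
    """Return workflow files on disk that are not in the expected set."""
    if not workflow_dir.is_dir():
        return []
    found = {p.name for p in workflow_dir.iterdir() if p.suffix in (".yml", ".yaml")}
    return sorted(found - expected)


def audit_dependencies(package_json: dict, expected: dict) -> list:
    """Return dependencies that were added or whose version range changed."""
    findings = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in package_json.get(section, {}).items():
            if name not in expected:
                findings.append(f"{section}: unexpected package {name}@{spec}")
            elif expected[name] != spec:
                findings.append(f"{section}: {name} changed from {expected[name]} to {spec}")
    return findings


def run_sample_audit() -> dict:
    """Build a constructed sample repository in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp)
        wf_dir = repo / ".github" / "workflows"
        wf_dir.mkdir(parents=True)
        # "sync-secrets.yml" stands in for an injected workflow (constructed name).
        for name in ("ci.yml", "release.yml", "sync-secrets.yml"):
            (wf_dir / name).write_text("name: sample\n")
        # "expres" stands in for a typosquatted dependency (constructed name).
        pkg = {"dependencies": {"express": "^4.19.0", "lodash": "^4.17.21", "expres": "1.0.0"}}
        (repo / "package.json").write_text(json.dumps(pkg))
        loaded = json.loads((repo / "package.json").read_text())
        return {
            "workflows": audit_workflows(wf_dir, EXPECTED_WORKFLOWS),
            "dependencies": audit_dependencies(loaded, EXPECTED_DEPS),
        }


if __name__ == "__main__":
    for kind, items in run_sample_audit().items():
        print(kind, items)
```

In practice the baseline would come from a trusted commit or a lockfile review rather than constants, and the same comparison can be run in CI before secrets are exposed to a job.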