The Mini Shai-Hulud worm is actively compromising legitimate npm packages by hijacking CI/CD pipelines and stealing developer secrets. According to StepSecurity's OSS Package Security Feed, the attack began with ten malicious versions of official @tanstack/* packages published within six minutes on 11 May 2026, starting at approximately 19:20 UTC. The packages were injected with a 2.3 MB obfuscated credential-stealing payload designed to harvest GitHub tokens, npm tokens, and CI/CD secrets.
StepSecurity classifies the detection as a true positive: a live instance of the self-propagating Shai-Hulud npm worm, with five compromised packages across ten malicious versions. The attack underscores that Shai-Hulud does not need to break into a repository; it rides the legitimate build process and spreads with the publish tokens it steals there. Because of the npm ecosystem's interconnected nature, a single compromised token can cascade into multiple infected packages within minutes.
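A burst of versions published within a few minutes is the fingerprint this report describes, and it is something a dependency owner can check for offline once they have a lockfile and the registry's publish timestamps. The following is an added example, not code from StepSecurity or the TanStack project: it walks a package-lock.json "packages" map, looks each resolved version up in the `time` field of its registry packument (the version-to-ISO-timestamp map returned by `GET https://registry.npmjs.org/<name>`), and flags versions published inside a compromise window. The lockfile contents, version numbers and timestamps below are constructed for illustration and are not the actual compromised versions; the window (19:20 to 19:26 UTC on 11 May 2026) is an assumption derived from the report's "six minutes" starting at "approximately 19:20 UTC".

```javascript
// Added example (not from the StepSecurity report or TanStack): triage a
// package-lock.json against npm publish times to find versions published
// inside a known compromise window. All data here is constructed.

// Constructed stand-in for the "packages" map of a lockfileVersion 2/3
// package-lock.json. Version numbers are placeholders, not real releases.
const lockfile = {
  packages: {
    "node_modules/@tanstack/query-core": { version: "9.9.9" },
    "node_modules/@tanstack/react-query": { version: "9.9.8" },
    "node_modules/@tanstack/query-devtools": { version: "5.0.0" },
    "node_modules/left-pad": { version: "1.3.0" },
  },
};

// Constructed stand-in for each packument's `time` field
// (version -> ISO 8601 publish time). In practice fetch this from
// https://registry.npmjs.org/<name> and cache it before running the check.
const publishTimes = {
  "@tanstack/query-core": {
    "9.9.8": "2026-04-02T10:00:00.000Z",
    "9.9.9": "2026-05-11T19:22:10.000Z", // inside the assumed window
  },
  "@tanstack/react-query": {
    "9.9.8": "2026-04-02T10:05:00.000Z",
  },
  // @tanstack/query-devtools deliberately missing: exercises the
  // "no metadata" path, which must be flagged rather than silently passed.
  "left-pad": {
    "1.3.0": "2018-04-12T13:09:13.000Z",
  },
};

// Assumed window: the report gives ~19:20 UTC and a six-minute burst.
const WINDOW_START = "2026-05-11T19:20:00Z";
const WINDOW_END = "2026-05-11T19:26:00Z";

// Lockfile keys are install paths; the package name is everything after the
// last "node_modules/" segment, so nested installs resolve correctly.
function packageNameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

// Returns one finding per suspicious entry. A version with no publish
// metadata is reported too: an attacker-published version you have not
// fetched metadata for is exactly the case you do not want to miss.
function flagBurstPublished(lock, times, windowStart, windowEnd, scopePrefix) {
  const start = Date.parse(windowStart);
  const end = Date.parse(windowEnd);
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages)) {
    const name = packageNameFromLockPath(lockPath);
    if (!name) continue; // the root project entry has key ""
    if (scopePrefix && !name.startsWith(scopePrefix)) continue;
    const published = times[name] && times[name][entry.version];
    if (!published) {
      findings.push({ name, version: entry.version, reason: "no publish metadata" });
      continue;
    }
    const t = Date.parse(published);
    if (t >= start && t <= end) {
      findings.push({ name, version: entry.version, published, reason: "published inside window" });
    }
  }
  return findings;
}

// Convenience: run the check against the constructed data above.
function auditConstructedLockfile() {
  return flagBurstPublished(lockfile, publishTimes, WINDOW_START, WINDOW_END, "@tanstack/");
}

for (const f of auditConstructedLockfile()) {
  console.log(`${f.name}@${f.version}: ${f.reason}${f.published ? " (" + f.published + ")" : ""}`);
}
```

To run this against a real project, replace `lockfile` with `JSON.parse(fs.readFileSync("package-lock.json"))`, populate `publishTimes` from the `time` field of each packument, and pass `null` as the scope prefix to audit every dependency rather than only @tanstack/*. A hit on "published inside window" is a lead, not proof; confirm the exact versions against the StepSecurity feed before acting.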