TeamPCP published Shai-Hulud source code to GitHub last week, and the worm already shows signs of spreading. TeamPCP is a financially motivated threat actor long viewed as a key culprit behind Shai-Hulud and related worms. Shai-Hulud began infecting npm packages by poisoning open source components; the malware then used compromised developer accounts to publish further poisoned dependencies and repeat the cycle.
In a recent study, four malicious packages were uploaded from one npm account, including a near-verbatim copy of Shai-Hulud with its own command-and-control infrastructure, three Axios typosquats, and a DDoS payload that enslaves infected machines.
Mondoo's chief security officer Patrick Münch described this as a new frontier for supply chain attacks, illustrating how typosquatting can evolve into automatic malware deployment through CI/CD pipelines. According to Mondoo's blog post, turning on three controls in a package manager should neutralise the threat. GitHub reportedly removed the original May 12 repository, though follow-on forks persisted.

May 18, 2026.