Supply‑Chain Worm Infects 170 npm & PyPI Packages, Including Mistral AI and TanStack
What Happened – A fifth‑wave “Mini Shai‑Hulud” worm silently compromised more than 170 open‑source JavaScript and Python packages on npm and PyPI, spreading autonomously by harvesting credentials from cloud, CI/CD, AI, and messaging tools. The malicious code was released publicly, enabling other actors to weaponize it.
Why It Matters for TPRM –
- Supply‑chain compromise can cascade to any downstream application that consumes infected libraries.
- Credential theft from CI/CD pipelines and cloud services creates lateral‑movement opportunities across a vendor’s environment.
- Open‑source release of the worm code lowers the barrier for repeat attacks, expanding the threat surface for all third‑party software dependencies.
Who Is Affected – Technology & SaaS firms, AI/ML platforms, DevOps tool providers, and any organization that integrates npm or PyPI packages (e.g., Mistral AI, TanStack, OpenSearch, UiPath, DraftLab).
Recommended Actions –
- Implement package “cool‑down” periods and integrity verification before deployment.
- Rotate and isolate npm/PyPI tokens; avoid revocation until affected hosts are imaged.
- Conduct credential hygiene audits for CI/CD, cloud, and developer tools.
Technical Notes – The worm exploits trust in public package registries (third‑party dependency vector) and harvests credentials from >100 hard‑coded paths, including AWS, GCP, Azure, Kubernetes, Slack, Signal, and crypto wallets. The latest variant adds a destructive wiper that triggers if its access token is revoked. Source: DataBreachToday