SlowMist CISO: NPM Supply Chain Attack Latest Variant "Shai-Hulud 3.0" is Coming, Please Be Vigilant

By: theblockbeats.news|2025/12/29 04:16:14

Share

copy

BlockBeats News, December 29, SlowMist Chief Security Officer 23pds issued a security alert, the latest variant of the NPM supply chain attack "Shai-Hulud 3.0" strikes again. All projects and platforms are advised to be on high alert. Previously, the suspected Trust Wallet API key leak may have led to the Shai-Hulud 2.0 attack.

Shai-Hulud is a series of self-propagating worm-like supply chain attacks targeting the NPM ecosystem, aiming to steal developer credentials, cloud keys, and environment secrets. The latest variant (referred to by the community as Shai-Hulud 3.0 or a new strain) was discovered by Aikido Security researcher Charlie Eriksen on December 28, 2025. Currently, its spread is limited and may be in a testing phase.

You may also like

Cryptocurrency people who use candlestick charts for fortune telling

Cryptocurrency people who use candlestick charts for fortune telling

When fortune telling is depicted on candlestick charts and placed within the context of the cryptocurrency world, its explosive popularity stems not from the accuracy of its mystical claims, but from the fact that traders' collective anxiety about uncertainty has finally found an outlet.

Trust Wallet Browser Extension Security Incident Leads to Losses

Trust Wallet Browser Extension Security Incident Leads to Losses

Key Takeaways Trust Wallet identified a significant security breach in its browser extension version 2.68. Approximately over $6…

Trust Wallet Hack Results in $3.5 Million Loss for Major Wallet Holder

Trust Wallet Hack Results in $3.5 Million Loss for Major Wallet Holder

Key Takeaways A significant Trust Wallet hack led to the theft of $3.5 million from an inactive wallet.…

Social Engineering in the Crypto Universe: Safeguarding Your Assets in 2025

Social Engineering in the Crypto Universe: Safeguarding Your Assets in 2025

Key Takeaways Social engineering, a psychological manipulation tactic, has been the leading cause of crypto asset theft in…

Crypto Advice for Newcomers, Veterans, and Skeptics in 2026

Crypto Advice for Newcomers, Veterans, and Skeptics in 2026

Key Takeaways Newcomers should learn about the fundamentals of crypto and blockchain technology before investing. Experimenting with crypto…

Nofx’s Two-Month Journey from Stardom to Scandal: The Open Source Dilemma

Nofx’s Two-Month Journey from Stardom to Scandal: The Open Source Dilemma

Key Takeaways Nofx’s rise and fall in two months highlights inherent challenges in open source projects. A transition…

Key Market Information Discrepancy on December 19th, a Must-See! | Alpha Morning Report

Key Market Information Discrepancy on December 19th, a Must-See! | Alpha Morning Report

1. Top News: US Core CPI Unexpectedly Slows to Lowest Level Since 2021 2. Token Unlock: $YZY, $PIXEL

Flare Token Appears to Face a Bearish Forecast with a Potential 23% Drop by December 22, 2025

Flare Token Appears to Face a Bearish Forecast with a Potential 23% Drop by December 22, 2025

Key Takeaways Flare (FLR) is projected to decrease by 23.40% from its current price, reaching $0.008989 by December…

Enhancing the Future of Cryptocurrency Exchange: Understanding the Landscape

Enhancing the Future of Cryptocurrency Exchange: Understanding the Landscape

Key Takeaways Cryptocurrency exchange platforms are pivotal for digital currency transactions, offering diverse services tailored to user needs.…

The Evolution of Cryptocurrency Exchanges and the Role of WEEX

The Evolution of Cryptocurrency Exchanges and the Role of WEEX

Key Takeaways Cryptocurrency exchanges like WEEX play a crucial role in the digital asset trading ecosystem by providing…

The Deepfake Reckoning: Why Crypto’s Next Security Battle Will Be Against Synthetic Humans

The Deepfake Reckoning: Why Crypto’s Next Security Battle Will Be Against Synthetic Humans

Key Takeaways The rise of generative AI and deepfakes poses a significant threat to digital identity verification in…

Rejecting the "Security Theater": Wallet Security is Entering the Era of Verifiability

Rejecting the "Security Theater": Wallet Security is Entering the Era of Verifiability

「Security」 is becoming increasingly difficult to address with a simple slogan. Instead, it resembles more of a set of governance capabilities that need to be continuously demonstrated: whether it can be verified, whether it can be traced, and whether timely disclosure is possible are becoming important criteria for users when choosing a wallet.

The Future of Cryptocurrency Exchange: A Look into WEEX and Beyond

The Future of Cryptocurrency Exchange: A Look into WEEX and Beyond

Key Takeaways Cryptocurrency exchanges play a crucial role in the digital asset marketplace. WEEX focuses on offering secure…

Weex: Exploring the Trends and Future of Cryptocurrency Exchanges

Weex: Exploring the Trends and Future of Cryptocurrency Exchanges

Key Takeaways: The dynamic landscape of cryptocurrency exchanges underscores the importance of adaptability and innovation. WEEX stands as…

Enhanced Vision of Digital Exchange Platforms

Enhanced Vision of Digital Exchange Platforms

Key Takeaways The landscape of cryptocurrency exchange platforms is ever-evolving with technological advancements and market demands. The importance…

North Korean ‘Fake Zoom’ Crypto Scams: A Persistent and Evolving Threat

North Korean ‘Fake Zoom’ Crypto Scams: A Persistent and Evolving Threat

Key Takeaways North Korean hackers are mounting repeated daily attacks using fraudulent Zoom calls to trick victims into…

BOLTS Initiates Quantum-Resilience Pilot on Canton Network for Securing $6T Real-World Assets

BOLTS Initiates Quantum-Resilience Pilot on Canton Network for Securing $6T Real-World Assets

Key Takeaways BOLTS Technologies has launched a pilot program to integrate quantum resilience into the Canton Network, aiming…

Aster is Trading 31.36% Above Our Price Prediction for December 15, 2025

Aster is Trading 31.36% Above Our Price Prediction for December 15, 2025

Key Takeaways Aster currently trades at $0.970013, which is 31.36% higher than the prediction for December 15, 2025.…

Cryptocurrency people who use candlestick charts for fortune telling

When fortune telling is depicted on candlestick charts and placed within the context of the cryptocurrency world, its explosive popularity stems not from the accuracy of its mystical claims, but from the fact that traders' collective anxiety about uncertainty has finally found an outlet.

Trust Wallet Browser Extension Security Incident Leads to Losses

Key Takeaways Trust Wallet identified a significant security breach in its browser extension version 2.68. Approximately over $6…

Trust Wallet Hack Results in $3.5 Million Loss for Major Wallet Holder

Key Takeaways A significant Trust Wallet hack led to the theft of $3.5 million from an inactive wallet.…

Social Engineering in the Crypto Universe: Safeguarding Your Assets in 2025

Key Takeaways Social engineering, a psychological manipulation tactic, has been the leading cause of crypto asset theft in…

Crypto Advice for Newcomers, Veterans, and Skeptics in 2026

Key Takeaways Newcomers should learn about the fundamentals of crypto and blockchain technology before investing. Experimenting with crypto…

Nofx’s Two-Month Journey from Stardom to Scandal: The Open Source Dilemma

Key Takeaways Nofx’s rise and fall in two months highlights inherent challenges in open source projects. A transition…

Popular coins

Latest Crypto News

05:46

A Whale Flips Long to Short, Opening a Short Position of Over $91 Million in Major Coins

BlockBeats News, December 29, according to Hyperinsight monitoring, a whale closed its long positions for BTC, SOL, and ZEC today, then began opening short positions. Current positions are as follows:Short $47.8 million worth of BTC at 20x leverage, average entry price $88,959.5, with a floating los...

05:46

Solana releases 2025 Year-End Recap: DEX Trading Volume Surpasses $17 Trillion, ETF Cumulative Assets Reach Over $7.66 Billion

BlockBeats News, December 29th. The Solana team released the last weekly report of 2025, providing a comprehensive review of the ecosystem's progress throughout the year. The review revealed that Solana saw accelerated growth in 2025, with the launch of thousands of new products and partnership proj...

05:46

Lighter founder hints at introducing Turing Complete ZK Circuit

BlockBeats News, December 29th, Lighter founder vnovakovski posted on social media, hinting at the possible introduction of Turing-complete zero-knowledge circuits in the future to support more complex custom logic. The community believes that if this direction can be implemented, it may open up new...

05:46

Yihua Group's Trend Research Acquires an Additional 11,520 ETH, Worth Approximately $34.93 Million

BlockBeats News, December 29: According to LookIntoChain, Trend Research, a subsidiary of Matrixport, once again increased its ETH holdings by 11,520 ETH, worth approximately $34.93 million.As of the 25th, Trend Research holds a total of 6 major accumulation addresses, with a total of 580,000 ETH, w...

05:16

「Leverage Short Coin」 trader entered a short position on LIT with a liquidation price of $6.008

BlockBeats News, December 29th, according to Hyperinsight monitoring, the "Leveraged Bear" trader shorted 16,439 LIT with 3x leverage, with an average entry price of $4.14, unrealized profit of $7,822, and liquidation price of $6.008.Previously, the trader shorted MON with a profit of about $17,000.

Customer Support：@weikecs

Business Cooperation：@weikecs

Quant Trading & MM：[email protected]

VIP Services：[email protected]

App