New Featured Zero Day Report for SHA1-Hulud npm Supply Chain Attack
On November 24th, 2025, we detected a new supply chain attack, SHA1-Hulud, impacting the npm ecosystem. We suspect this is a second wave of the Shai-Hulud attack that took place in September 2025.
As communicated on our Trust Center, Snyk will continue to monitor this active incident through resolution. As of now, we believe over 700 packages have been compromised.
To help you better understand whether or not you have been impacted, we have released a new Featured Zero Day Report named SHA1-Hulud npm Supply Chain Attack - Nov 2025.
As new advisories are added and projects are re-tested, this Report will be populated with issues if Snyk detects the usage of any compromised packages.
Ryan Searle | Product Director