Kaspersky Threat Research has conducted an analysis of the Shai-Hulud worm’s patient zero package, providing insights into how the self-replicating malware launched its widespread supply chain attack on the npm ecosystem.

According to the latest Kaspersky research, the Shai-Hulud worm infected 190 unique packages across 530 total package versions – indicating that many packages had multiple compromised versions published during the attack.

The Shai-Hulud worm, a self-replicating malware first disclosed on 15 September 2025, spreads automatically through developer accounts by stealing authentication tokens and publishing infected versions of legitimate packages. While the attack’s impact has been widely documented, Kaspersky’s analysis reveals technical details about the initial infection mechanics and the worm’s sophisticated spreading methods.

“Our analysis provides critical intelligence about how this supply chain attack operated and the true scope of repository exposure,” says Vladimir Gurskiy, malware analyst at Kaspersky Threat Research. “The worm’s systematic migration of private repositories from organisations to individual accounts represents a significant escalation in supply chain threats – potentially exposing years of proprietary development work.

“This research reinforces why we maintain the Kaspersky Open Source Software Threats Data Feed – organisations need real-time intelligence about compromised packages to protect their development pipelines from exactly these types of sophisticated attacks,” he adds.

Kaspersky’s research confirms that ngx-bootstrap version 18.1.4 served as the patient zero package and explains the technical methodology for this determination. Researchers identified a crucial distinguishing characteristic: while all subsequent infected packages executed malicious code through post-installation scripts, the patient zero package uniquely used a pre-installation command, revealing it as the starting point rather than a victim of automated spreading.

The worm contains functionality specifically designed to compromise private organisational repositories on GitHub. Beyond stealing authentication tokens, it automatically migrates private and internal repositories from GitHub organisations into user accounts, effectively making confidential corporate code publicly accessible and exposing entire proprietary codebases.

Kaspersky solutions identify the malware as HEUR:Worm.Script.Shulud.gen. Organisations can check for infection by searching for “shai-hulud” branches in their GitHub repositories or the presence of shai-hulud-workflow.yml files.
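The two GitHub-side indicators named above can be checked offline against local clones. The script below is an added example, not Kaspersky's code; it assumes the clones sit side by side under one directory with a standard .git layout, and builds its own constructed sample to run against.

```python
# Offline triage of cloned repositories for the two indicators named above:
# a branch called "shai-hulud" and a shai-hulud-workflow.yml file. Added
# example, not Kaspersky's code; it reads .git metadata directly, so it
# needs neither a git binary nor network access.
import tempfile
from pathlib import Path

WORKFLOW_NAME = "shai-hulud-workflow.yml"
BRANCH_NAME = "shai-hulud"

def branch_names(repo):
    """Local branch names from loose refs plus packed-refs."""
    heads = repo / ".git" / "refs" / "heads"
    names = {p.relative_to(heads).as_posix()
             for p in heads.rglob("*") if p.is_file()} if heads.is_dir() else set()
    packed = repo / ".git" / "packed-refs"
    if packed.is_file():
        for line in packed.read_text().splitlines():
            parts = line.split()
            if len(parts) == 2 and parts[1].startswith("refs/heads/"):
                names.add(parts[1][len("refs/heads/"):])
    return names

def scan_repo(repo):
    """Findings for one clone; an empty list means no indicator was seen."""
    findings = []
    if BRANCH_NAME in branch_names(repo):
        findings.append(f"branch '{BRANCH_NAME}' present")
    for wf in repo.rglob(WORKFLOW_NAME):
        findings.append(f"workflow file {wf.relative_to(repo).as_posix()}")
    return findings

def demo():
    """Constructed sample: one clean clone, one carrying both indicators."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("clean-lib", "hit-lib"):
            heads = root / name / ".git" / "refs" / "heads"
            heads.mkdir(parents=True)
            (heads / "main").write_text("0" * 40 + "\n")
        hit = root / "hit-lib"
        (hit / ".git" / "packed-refs").write_text(
            f"# pack-refs with: peeled\n{'1' * 40} refs/heads/{BRANCH_NAME}\n")
        (hit / ".github" / "workflows").mkdir(parents=True)
        (hit / ".github" / "workflows" / WORKFLOW_NAME).write_text("name: x\n")
        return {d.name: scan_repo(d) for d in sorted(root.iterdir())}

if __name__ == "__main__":
    for repo, hits in demo().items():
        print(repo, "->", hits or "clean")
```

Point `scan_repo` at each real clone instead of the constructed sample to triage an organisation's checkouts; a branch hit from `packed-refs` is reported even when the branch was never checked out locally.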