Mini Shai-Hulud Worm Compromises Multiple Software Packages

A new attack on the software supply chain has compromised several npm and PyPI packages, including those from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI. The attack is attributed to the threat actor TeamPCP, linked to the Mini Shai-Hulud campaign. The affected packages were modified to include an obfuscated JavaScript file named "router_init.js", which is designed to profile the environment it executes in. Security researchers have found that the obfuscated files are hidden within the affected packages, making detection by conventional security solutions more difficult. This type of attack is particularly concerning because it jeopardizes the integrity of the software supply chain and could potentially impact a wide range of applications and services.

The exact number of affected users and systems is currently unclear. TeamPCP has previously conducted similar attacks, focusing on widely used open-source packages. The current campaign demonstrates an increasing sophistication in the attackers' methods, allowing them to integrate their malicious changes undetected into legitimate software. Security researchers warn that such attacks could become more frequent in the future. The affected companies have already taken steps to close the security gaps.

TanStack and Mistral AI have released updates to replace the compromised packages and remove the obfuscated files. Users are strongly urged to update their systems and install the latest versions of the affected packages to protect against potential attacks. The security community has highlighted the need to improve security practices when using open-source software. This includes implementing security audits and using tools to monitor dependencies. Experts recommend that developers and companies regularly review their dependencies to ensure they are not using compromised packages.
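One way to start the dependency review recommended above is to search installed trees for the file name the article reports. The following is an added example, not code from the article or from any affected project; it assumes the file name `router_init.js` is the only indicator available, so a hit is a lead to investigate rather than proof of compromise, and an empty result does not prove a tree is clean.

```python
"""Triage scan for the file name the article reports: router_init.js."""
import csv
import json
import sys
from pathlib import Path

INDICATOR = "router_init.js"  # file name taken from the article


def owner(hit: Path, root: Path):
    """Attribute a hit to the nearest npm manifest or PyPI dist-info RECORD."""
    for parent in hit.parents:
        manifest = parent / "package.json"
        if manifest.is_file():
            try:
                meta = json.loads(manifest.read_text(encoding="utf-8"))
                return ("npm", meta["name"], meta.get("version", "?"))
            except (OSError, ValueError, KeyError, TypeError):
                return ("npm", parent.name, "?")  # manifest unreadable or nameless
        rel = hit.relative_to(parent).as_posix()
        for record in parent.glob("*.dist-info/RECORD"):
            with record.open(newline="", encoding="utf-8") as fh:
                if any(row and row[0] == rel for row in csv.reader(fh)):
                    dist = record.parent.name[: -len(".dist-info")]
                    name, _, version = dist.rpartition("-")
                    return ("pypi", name, version)
        if parent == root:
            break
    return ("unknown", hit.parent.name, "?")


def scan(root):
    """Return sorted (ecosystem, package, version, relative path) for every hit."""
    root = Path(root)
    hits = []
    for hit in root.rglob(INDICATOR):
        if hit.is_file():
            hits.append(owner(hit, root) + (hit.relative_to(root).as_posix(),))
    return sorted(hits)


if __name__ == "__main__":
    findings = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    for eco, name, version, path in findings:
        print(f"{eco}\t{name}@{version}\t{path}")
    sys.exit(1 if findings else 0)  # non-zero exit lets CI fail on a hit
```

Run it against a project root or a virtual environment directory, then compare each reported package and version with the maintainers' own advisories before acting on it.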

The Mini Shai-Hulud campaign is not the first of its kind, but it underscores the ongoing challenges faced by the software industry. Attackers are increasingly employing complex techniques to bypass security measures and achieve their objectives. The response from the affected companies and the security community will be crucial in minimizing the impact of such attacks. The vulnerability affects not only the compromised packages but could also have repercussions for other software that uses these packages as dependencies. This could lead to a chain reaction that jeopardizes the security of a variety of applications.

The exact scope of the attack is still under investigation. Security researchers have already conducted preliminary analyses of the obfuscated file and found that it is capable of collecting information about the environment in which it runs. This information could be used by attackers to conduct targeted attacks on specific systems. The analysis of the file is ongoing to uncover further details about the attack's operation. The incidents have also sparked a discussion about the responsibility of developers and companies that utilize open-source software.

There are calls for more resources to be invested in the security of open-source projects to prevent such attacks in the future. The community is urged to collaborate to raise security standards and protect the integrity of the software supply chain. The vulnerability was discovered on May 12, 2026, and the affected companies are actively working to address the issues. Researchers recommend that all users of the affected packages take immediate action to protect their systems.

Tags: Security Software Cyberattack Open Source TeamPCP
