New NPM supply-chain attack compromises major ENS and crypto libraries

A researcher warned that more than 400 NPM libraries — including at least 10 crypto packages, mostly tied to ENS — were compromised by the Shai Hulud malware.

A major JavaScript supply-chain attack has compromised hundreds of software packages — including at least 10 used widely across the crypto ecosystem — according to new research from cybersecurity firm Aikido Security.

In a Monday post, Charlie Eriksen, a researcher at Aikido Security, shared the names of over 400 packages that show signs of infection with the “Shai Hulud” self-replicating malware used in an ongoing JavaScript NPM library supply chain attack. Eriksen said he validated each detection to avoid false positives.

Many of the cryptocurrency-related packages involved receive tens of thousands of downloads per week and have numerous other packages that require them to function. In an X post published earlier today, Eriksen also warned the Ethereum Name Service (ENS) team that several of their packages are affected.

Read more