Mini Shai Hulud Strikes Again Hitting over 100 Npm and PyPI Packages Including Mistral AI

Supply‑chain attacks have evolved from isolated incidents to self‑propagating campaigns, and Mini Shai Hulud exemplifies this shift. By forking open‑source repositories and inserting malicious commits, the group leverages the trust developers place in widely used npm and PyPI packages. The malware’s primary function is credential theft, targeting CI/CD tokens, cloud metadata endpoints, and Kubernetes service accounts. This approach allows threat actors to infiltrate the very pipelines that build, test, and deploy modern applications, turning development environments into a foothold for broader network compromise.

The recent wave hits high‑visibility projects such as TanStack’s routing suite and Mistral AI’s Python client, both of which sit at the core of many JavaScript and AI workloads. TanStack alone records about 56 million weekly downloads, meaning a single compromised version can propagate to millions of downstream applications in hours. The PyPI payload adds a geopolitical twist: it includes logic to avoid Russian‑language systems and a 1‑in‑6 chance of executing a destructive rm ‑rf / command when it detects an Israeli or Iranian environment. Such targeted sabotage raises the stakes beyond data exfiltration, introducing potential operational downtime for critical services.

Mitigation now hinges on rigorous secret hygiene and proactive supply‑chain monitoring. Organizations should immediately rotate all GitHub, GitLab, and CircleCI tokens, revoke compromised npm and PyPI credentials, and block the malicious IP address 83.142.209.194. Continuous scanning for known IOCs, verifying package integrity via SHA‑256 hashes, and employing automated dependency‑graph analysis can detect anomalous changes before they reach production. As attackers continue to weaponize open‑source ecosystems, a layered defense—combining developer education, zero‑trust CI/CD, and real‑time threat intelligence—will be essential to safeguard the software supply chain.