
Releases: gensecaihq/Shai-Hulud-2.0-Detector

v2.0.0 - Enhanced Detection with SHA256 Hashing, on:discussion Triggers & Runner Installation Scanning

04 Dec 18:53


Shai-Hulud 2.0 Detector v2.0.0

Protect your projects from the Shai-Hulud 2.0 npm supply chain attack with enhanced detection capabilities.

Why This Release?

After the initial attack on November 24, 2025, security researchers discovered additional attack vectors and persistence mechanisms:

  • Backdoor Persistence: on: discussion workflow triggers that persist even after removing compromised packages
  • Rogue Runner Installation: Self-hosted runners installed in $HOME/.dev-env/ for long-term access
  • Malware Variants: 6+ variants of bun_environment.js with different SHA256 hashes

This release incorporates findings from Wiz, Datadog Security Labs, Aikido Security, and other researchers.


What's New in v2.0.0

Automated Daily IOC Updates (NEW!)

The package database is now automatically updated daily from the Datadog Consolidated IOCs, which aggregate data from 7 security vendors:

Source                  Description
Wiz                     Threat investigation & attack analysis
Koi Security            Supply chain threat intelligence
HelixGuard              Malware analysis and IOC identification
StepSecurity            GitHub Actions security
ReversingLabs           Software supply chain security
Socket.dev              npm security monitoring
Datadog Security Labs   SHA256 hash IOCs & malware analysis

Precise Version Matching (NEW!)

Eliminates false positives by matching only specific compromised versions:

@asyncapi/[email protected]  →  ✅ SAFE (pre-attack version)
@asyncapi/[email protected]  →  ❌ COMPROMISED
@asyncapi/[email protected]  →  ❌ COMPROMISED

SHA256 Hash Matching

Matches the SHA256 file hash of scanned files against the known hashes of Shai-Hulud malware variants (this is content hashing, not signature verification: a variant with a single byte changed will have a different hash, so hash matching complements, rather than replaces, the filename and script-pattern checks).

on:discussion Workflow Trigger Detection

Detects on: discussion workflow triggers. The attacker used this trigger as a backdoor: discussion content is fed into a workflow run command (command injection), and because the workflow lives in the repository it keeps working after the compromised packages have been removed.

Runner Installation Detection

Scans for .dev-env/ directories and actions-runner-linux-x64-2.330.0 artifacts.


Bug Fixes

Angular prepublishOnly false positive (#21) - NEW!

  • Fixed false positive for Angular packages using prepublishOnly scripts for legitimate build processes

"exfiltrat" pattern false positive (#20) - NEW!

  • Made detection of the "exfiltrat" substring (the common prefix of exfiltrate/exfiltration) context-aware, so the bare word in documentation, comments or security tooling no longer triggers a finding

CLI crash outside GitHub Actions (#15)

  • Fixed GITHUB_STEP_SUMMARY error when running locally with --fail-on-critical=false

Incorrect isDirect flag (#16)

  • Fixed transitive dependencies incorrectly marked as direct

False positives for clean versions (#18)

  • Fixed by using specific version matching instead of wildcards

Quick Start

- uses: gensecaihq/Shai-Hulud-2.0-Detector@v2
  with:
    fail-on-critical: true

Database Statistics

Metric              Value
Total Packages      795+
Data Sources        7 security vendors
Update Frequency    Daily (automated)
Version Precision   Specific versions only

All Features

Package Detection

  • Database of 795+ compromised packages with specific version matching
  • Scans package.json, package-lock.json, yarn.lock, and pnpm-lock.yaml
  • Monorepo support with automatic subdirectory scanning

Security Findings Detection

  • Malicious scripts: setup_bun.js, bun_environment.js in install hooks
  • SHA256 hash matching: File hashes compared against known malware variant hashes
  • TruffleHog activity: Credential scanning patterns
  • SHA1HULUD runners: Malicious GitHub Actions self-hosted runners
  • Secrets exfiltration: actionsSecrets.json and other output files
  • on:discussion triggers: Backdoor persistence detection
  • Runner installation: .dev-env/ directories and runner tarballs

Output Formats

  • Text: Human-readable console output
  • JSON: Machine-parseable results
  • SARIF: GitHub Security tab integration

Acknowledgements

Special thanks to the security research community.

v1.0.2 - Improved Version Matching & Bug Fixes

01 Dec 12:31


Shai-Hulud 2.0 Detector v1.0.2

This release includes important bug fixes and a major feature enhancement for version matching accuracy.

What's New

🎯 Semver Version Matching (#11)

The detector now uses proper semver version range matching when checking for compromised packages. This significantly reduces false positives by accurately matching only the specific vulnerable versions.

Before: Packages were matched by name only, potentially flagging safe versions.

After: Uses semver to match exact versions, ranges, and patterns defined in the compromised packages database.

// Example: [email protected] is now correctly identified as SAFE
// Only [email protected] and @2.0.3 are flagged as compromised

🐛 Bug Fix: Correct totalDependencies Count (#10)

Fixed an issue where totalDependencies was being overwritten in each scan loop instead of accumulated. The scan summary now correctly reports the total number of unique dependencies scanned.

Contributors

Special thanks to @albe (Alexander Berl) for both contributions!


PR #10, PR #11

Technical Details

Change                       Description
isAffected(name, version)    Now accepts a version parameter for semver matching
satisfies() / intersects()   Uses the semver library for accurate version comparison
totalDependencies            Now accumulates with += instead of being overwritten with =
New dependency               Added the semver package for version matching
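As an added example (not the project's code), covering both the Precise Version Matching feature in v2.0.0 and the semver change in this release: the detector itself uses the semver package's satisfies() and intersects(); the script below reimplements only exact, caret and tilde matching so it runs with no dependencies, and distinguishes a lockfile that resolves to a compromised version (critical) from a package.json range that merely admits one (warning, or info when the lockfile pins a safe version). The compromised versions are the kill-port, get-them-args and shell-exec versions listed in the v1.0.0 notes; the sample manifest and lockfile are constructed, and the severity labels and finding fields are an assumption, not the detector's own output format.

```javascript
// Added example, not the detector's own code. The real detector uses the
// `semver` package; this reimplements exact, ^ and ~ matching (no prerelease
// tags, no || or hyphen ranges) so it runs stand-alone.
const COMPROMISED = {
  "kill-port": ["2.0.2", "2.0.3"],
  "get-them-args": ["1.3.3"],
  "shell-exec": ["1.1.3", "1.1.4"],
};

function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(String(v).trim());
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1, 4).map(Number);
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Lower bound inclusive, upper bound exclusive, following npm's ^ and ~ rules.
function rangeBounds(spec) {
  const s = String(spec).trim();
  if (s === "" || s === "*" || s === "latest") return [[0, 0, 0], [Infinity, 0, 0]];
  const op = s[0] === "^" || s[0] === "~" ? s[0] : "";
  const base = parseVersion(op ? s.slice(1) : s);
  if (op === "") return [base, [base[0], base[1], base[2] + 1]];      // exact
  if (op === "~") return [base, [base[0], base[1] + 1, 0]];           // ~1.2.3 < 1.3.0
  if (base[0] > 0) return [base, [base[0] + 1, 0, 0]];                // ^1.2.3 < 2.0.0
  if (base[1] > 0) return [base, [0, base[1] + 1, 0]];                // ^0.2.3 < 0.3.0
  return [base, [0, 0, base[2] + 1]];                                 // ^0.0.3 < 0.0.4
}

function satisfies(version, spec) {
  const v = parseVersion(version);
  const [lo, hi] = rangeBounds(spec);
  return cmp(v, lo) >= 0 && cmp(v, hi) < 0;
}

// Lockfile check: the resolved version must equal a listed compromised version.
function isAffected(name, version) {
  const bad = COMPROMISED[name];
  return !!bad && bad.some((b) => cmp(parseVersion(b), parseVersion(version)) === 0);
}

// package.json check: which compromised versions does the declared range admit?
function rangeIntersectsCompromised(name, spec) {
  return (COMPROMISED[name] || []).filter((b) => satisfies(b, spec));
}

// lockVersions maps package name -> resolved version from the lockfile.
function scanManifest(pkg, lockVersions) {
  const findings = [];
  const deps = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
  for (const [name, spec] of Object.entries(deps)) {
    const resolved = lockVersions[name];
    if (resolved && isAffected(name, resolved)) {
      findings.push({ name, version: resolved, severity: "critical", reason: "lockfile resolves to a compromised version" });
      continue;
    }
    const reachable = rangeIntersectsCompromised(name, spec);
    if (reachable.length) {
      // Pinned to a safe version but a lockfile regeneration could pull a bad one.
      findings.push({ name, spec, severity: resolved ? "info" : "warning", reason: `range admits ${reachable.join(", ")}` });
    }
  }
  return findings;
}

// Constructed sample manifest and lockfile resolutions (not real project data).
const SAMPLE_PKG = {
  dependencies: { "kill-port": "^2.0.0", "get-them-args": "~1.3.0", "shell-exec": "1.1.2" },
  devDependencies: { "left-pad": "^1.3.0" },
};
const SAMPLE_LOCK = { "kill-port": "2.0.3", "get-them-args": "1.3.2", "shell-exec": "1.1.2", "left-pad": "1.3.0" };

function runSample() {
  return scanManifest(SAMPLE_PKG, SAMPLE_LOCK);
}
```

runSample() reports kill-port as critical (the lockfile resolves to 2.0.3) and get-them-args as info (locked to 1.3.2, but ~1.3.0 admits 1.3.3); shell-exec pinned exactly to 1.1.2 and left-pad produce nothing, which is the false-positive reduction the name-only matching of v1.0.1 could not give.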

Upgrade Guide

Simply update your workflow to use the latest version:

# Use the latest v1.x (recommended)
- uses: gensecaihq/Shai-Hulud-2.0-Detector@v1

# Or pin to this specific version
- uses: gensecaihq/[email protected]



Full Changelog: v1.0.1...v1.0.2

v1.0.1 - Scan Node Modules Support

01 Dec 03:50


Shai-Hulud 2.0 Detector v1.0.1

We're excited to announce v1.0.1 with a key feature addition contributed by our community!

What's New

🎯 Scan Node Modules Support (#9)

The --scan-node-modules flag now works as documented! You can now optionally scan your node_modules directory for a more thorough security analysis.

- uses: gensecaihq/Shai-Hulud-2.0-Detector@v1
  with:
    scan-node-modules: true  # Now functional!

CLI Usage:

node dist/index.js --scan-node-modules=true --working-directory="/path/to/project"

Note: This is disabled by default to maintain fast scan times. Enable it when you need deep inspection of installed packages.

Contributors

Special thanks to @albe (Alexander Berl) for implementing this feature!


Implemented scan-node-modules

Technical Details

Change                   Description
findPackageJsonFiles()   Now accepts a scanNodeModules parameter
findLockfiles()          Now accepts a scanNodeModules parameter
runScan()                Passes the flag to the file discovery functions
Default behavior         Unchanged: node_modules is skipped by default

Upgrade Guide

Simply update your workflow to use the latest version:

# Use the latest v1.x (recommended)
- uses: gensecaihq/Shai-Hulud-2.0-Detector@v1

# Or pin to this specific version
- uses: gensecaihq/[email protected]



Full Changelog: v1.0.0...v1.0.1

v1.0.0 - Initial Release

28 Nov 19:07


Shai-Hulud 2.0 Detector v1.0.0

Protect your projects from the Shai-Hulud 2.0 npm supply chain attack.

Features

Package Detection

  • Database of 790+ compromised packages from the November 2025 attack
  • Scans package.json, package-lock.json, yarn.lock, and pnpm-lock.yaml
  • Monorepo support with automatic subdirectory scanning

Security Findings Detection

  • Malicious scripts: setup_bun.js, bun_environment.js in install hooks
  • TruffleHog activity: Credential scanning patterns
  • SHA1HULUD runners: Malicious GitHub Actions self-hosted runner references
  • Secrets exfiltration: actionsSecrets.json and other output files
  • Malicious workflows: formatter_*.yml, discussion.yaml patterns
  • Webhook exfiltration: webhook.site endpoints and known malicious UUIDs
  • Shai-Hulud references: Repository names, git branches, remote URLs

Output Formats

  • Text: Human-readable console output
  • JSON: Machine-parseable results
  • SARIF: GitHub Security tab integration

CI/CD Integration

  • GitHub Actions (recommended)
  • GitLab CI
  • Jenkins
  • Azure DevOps
  • CircleCI

Fixes Included

  • Fixed false positive for iOS Xcode content.json files (#5)
  • Fixed false positive for kill-port ecosystem packages (#8)
    • kill-port: Only versions 2.0.2, 2.0.3 are compromised
    • get-them-args: Only version 1.3.3 is compromised
    • shell-exec: Only versions 1.1.3, 1.1.4 are compromised
  • Added CLI argument support alongside environment variables (#4)
  • Added Thanks section recognizing community contributors
  • Added automatic weekly contributor updates workflow

Quick Start

- uses: gensecaihq/Shai-Hulud-2.0-Detector@v1
  with:
    fail-on-critical: true

Affected Organizations

Zapier, ENS Domains, PostHog, AsyncAPI, Postman, Voiceflow, BrowserBase, Oku UI, and many more.
