Cybersecurity researchers warn of a supply chain campaign called “mini Shai-Hulud” that poisoned SAP-related npm packages ([email protected], @cap-js/[email protected], @cap-js/[email protected], @cap-js/[email protected]) by adding a preinstall hook that downloads and executes a Bun-based credential stealer. The malware harvests developer, GitHub, npm, and cloud secrets, encrypts and exfiltrates them to victim-owned GitHub repositories, and self-propagates via injected GitHub Actions and AI/IDE hooks to persist and spread. #MiniShaiHulud #TeamPCP #SAP #npm #Bun #GitHubActions #ClaudeCode #VSCode
Key points
- Poisoned npm releases targeted SAP-related packages: [email protected] and three @cap-js packages (db-service, postgres, sqlite).
- The compromised releases added a preinstall hook (setup.mjs) that downloads a Bun runtime from GitHub Releases and executes a credential-stealing payload (execution.js).
- The malware harvests local developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud secrets (AWS, Azure, GCP, Kubernetes), then encrypts and exfiltrates them to public GitHub repos.
- It self-propagates by injecting malicious GitHub Actions workflows and abusing AI/IDE hooks (.claude/settings.json and .vscode/tasks.json) so the payload runs whenever Claude Code or VS Code opens the project.
- Root cause analysis points to compromised maintainer accounts/tokens and a misconfigured npm OIDC trust that allowed non-canonical workflows to obtain short-lived tokens; maintainers have released fixed versions.
Read More: https://thehackernews.com/2026/04/sap-npm-packages-compromised-by-mini.html