Post-mortem of Shai-Hulud attack on November 24th, 2025
- #npm
- #github
- #security
- A malicious self-replicating worm, Shai-Hulud 2.0, compromised PostHog's SDKs and packages on November 24th, 2025.
- The worm used a preinstall script to scan for and exfiltrate credentials, then propagated by publishing malicious npm packages.
- PostHog identified and deleted the malicious packages by 9:30 AM UTC, revoking compromised tokens and rolling credentials.
- Affected packages included posthog-node, posthog-js, posthog-react-native, and others; the full post-mortem lists the affected versions.
- Recommendations for users include checking for malicious files, reviewing npm logs, deleting cached dependencies, and pinning to known-good versions.
- The attack originated from a stolen GitHub Personal Access Token belonging to a PostHog bot account, which was used to exfiltrate npm publishing tokens.
- Attackers exploited a workflow vulnerability via a pull request, modifying scripts to steal credentials and initiate the worm.
- PostHog's open-source nature and a misunderstood GitHub workflow trigger contributed to the security breach.
- Post-mortem reveals the attack was part of a broader campaign targeting multiple vendors as initial vectors.
- PostHog is implementing tighter security measures, including trusted publisher models, enhanced PR reviews, and improved secrets management.
- The incident has prompted a broader focus on security within PostHog, including hiring dedicated security personnel.
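The recommendations above (check installed packages for malicious install-time files, pin to known-good versions) can be turned into a local check. This is an added example, not PostHog's code; the package names, versions and script path in the sample tree are constructed placeholders, not the affected versions.

```python
import json
import os
import tempfile
INSTALL_HOOKS = ("preinstall", "install", "postinstall")  # run automatically on install

def scan_node_modules(root):
    """Walk an installed tree and record each package's install-time hooks."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" not in files:
            continue
        try:
            with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as fh:
                pkg = json.load(fh)
        except (OSError, json.JSONDecodeError):
            continue  # unreadable manifest: skip it rather than abort the scan
        scripts = pkg.get("scripts") or {}
        findings.append({"name": pkg.get("name"), "version": pkg.get("version"),
                         "hooks": {h: scripts[h] for h in INSTALL_HOOKS if h in scripts}})
    return sorted(findings, key=lambda f: f["name"] or "")

def packages_with_hooks(findings):
    """Names of packages that would execute code during `npm install`."""
    return [f["name"] for f in findings if f["hooks"]]

def pin_mismatches(findings, pins):
    """(name, installed) pairs whose version differs from the pinned known-good one."""
    return [(f["name"], f["version"]) for f in findings
            if f["name"] in pins and f["version"] != pins[f["name"]]]

def build_sample_tree():
    """Constructed node_modules: placeholder names and versions, not the real ones."""
    root = tempfile.mkdtemp()
    manifests = [
        {"name": "example-sdk", "version": "1.2.3",
         "scripts": {"preinstall": "node placeholder-setup.js"}},
        {"name": "harmless-lib", "version": "2.0.0"},
    ]
    for manifest in manifests:
        pkg_dir = os.path.join(root, "node_modules", manifest["name"])
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(manifest, fh)
    return root

def run_demo():  # scan the constructed tree; returns (hooked package names, pin mismatches)
    findings = scan_node_modules(build_sample_tree())
    pins = {"example-sdk": "1.2.2"}  # placeholder known-good version
    return packages_with_hooks(findings), pin_mismatches(findings, pins)
```

Point `scan_node_modules` at a real project's `node_modules` and review every package it reports with hooks; anything outside the pinned set or carrying an unexpected preinstall script deserves a look before the next install.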