PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle
Summary
PostHog says the Shai-Hulud 2.0 npm worm was the largest and most impactful security incident it has experienced. Malicious releases were slipped into its core JavaScript SDKs (posthog-node, posthog-js, posthog-react-native) through a CI/CD automation flaw. On install, a preinstall script ran TruffleHog to hunt for credentials on the host, pushed whatever it found to public GitHub repositories, and used any harvested npm tokens to publish further trojanised packages, which is how the worm spread.
Security researchers at Wiz found that more than 25,000 developers had secrets compromised within three days. The worm was capable of stealing npm/GitHub tokens, cloud credentials (AWS, Azure, GCP), CI/CD secrets and environment variables from developer machines and build systems. PostHog revoked compromised tokens, removed malicious package versions and published known-good releases while announcing changes to its release model and CI/CD workflows.
Key Points
- A malicious pull request caused automation to run with full project privileges, letting attackers exfiltrate a bot personal-access token with organisation-wide write access.
- Compromised PostHog SDKs contained pre-install scripts that scanned for and exfiltrated secrets, then reused stolen npm credentials to publish additional malicious packages.
- Wiz reports over 25,000 developers had secrets stolen in the first three days of the campaign.
- The malware behaved as a worm: each install harvested cloud, CI/CD, npm and GitHub tokens from the developer or build environment, and any npm publish token it found let it trojanise that maintainer's packages, infecting the next set of installers.
- PostHog’s mitigations include revoking the compromised tokens, removing the trojanised versions, issuing known-good releases, adopting npm's “trusted publisher” model (publishing from CI via OIDC rather than with long-lived npm tokens), stricter workflow reviews and disabling install-script execution in CI/CD.
Context and relevance
Supply-chain and CI/CD attacks are escalating in frequency and impact. This incident is a textbook example of how over-privileged automation and execution of unreviewed pull-request code can turn a single malicious change into a worm affecting thousands. If you publish packages, run CI pipelines or manage tokens, the lessons apply directly: lock down automation, minimise token scopes and treat install-time scripts as untrusted code.
Why should I read this?
Short version: if you touch npm, CI/CD or repos, read this. It shows how one dodgy PR plus over-privileged automation turned into a worm that nicked thousands of secrets. The fixes are practical and relevant — you can apply them to stop the same mistake happening at your shop.
Author style
Punchy — this is presented as a major, avoidable failure. Read the detail if you care about developer security or run automated workflows; the postmortem lists concrete measures that matter.
Source
Source: https://go.theregister.com/feed/www.theregister.com/2025/11/28/posthog_shaihulud/
