Advisory 113

CERT VU advisories & alerts disclose current reported cyber security vulnerabilities and threats identified in Vanuatu. The advisories deliver provide a summary of the threat analysed. Descriptions of the threat reported and mitigation procedures are provided as part of the advisory on how to mitigate the threats to minimise their impacts. Finally, a Traffic Light Protocol (TLP: Colour – See guides page for more information) indicator to show the level or information security and sharing rights.

Shai Hulud 2.0 Supply Chain Compromise

Release Date: 24th of November 2025

Impact : HIGH / CRITICAL

TLP Rating: Clear

CERT Vanuatu (CERTVU) and the Department of Communication and Digital Transformation (DCDT) provide the following advisory.

This alert is relevant to Organizations and System/Network administrators that utilize the above products. This alert is intended to be understood by technical users and systems administrators.

What is it?

Shai Hulud 2.0 is a self-propagating supply chain Malware targeting the NPM (Node Package Manager) ecosystem. It spreads through malicious NPM packages that execute lifecycle scripts to steal developer credentials and compromise Git-Hub, Git-Lab, Azure DevOps, and cloud services.

What are the Systems affected?

What does this means?

Mitigation process

References

Download advisory (English): Shai Hulud 2.0 Supply Chain Compromise
Download advisory (Bislama): Atak blong Saplae Jen blong Shai Hulud 2.0
Download advisory (French): Faille dans la chaîne logistique de Shai Hulud 2.0

Quick Links

Start a Conversation

+678 33380
info@cert.gov.vu

Main Menu

Our Security Advisories