When Your Package Manager Became a Weapon: Anatomy of the First Self-Replicating Supply Chain Worm
Speaker: Sahil Bansal
Abstract
You've heard about Shai-Hulud, the worm that hit npm in September 2025: over 500 packages compromised, GitHub repos going public with 'Shai-Hulud' in the name, CISA issuing emergency alerts. But here's what most people don't know: how do you actually catch something like this before it spreads?
This talk isn't another "here's what happened" post-mortem. It's about building detection systems that work against zero-day threats. We'll show you how we combine static code analysis with dynamic runtime monitoring in sandboxed containers, using Falco and eBPF to watch what packages actually do when they execute. Not signatures. Not CVE databases. Real behavioural analysis at the system-call level.
We'll walk through how the worm worked (credential theft, GitHub Actions injection, self-replication via npm tokens), why traditional tools failed (a timing problem, not a detection problem), and how to build your own detection infrastructure. We'll cover our detection rules and the architecture for large-scale dynamic analysis, and show live demos of catching malicious packages in isolated environments. You'll leave with open-source tools like vet and PMG that you can deploy immediately.
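The behavioural, syscall-level idea the abstract describes can be shown in miniature. The example below is added here and is not code from the talk, from Falco, or from the vet or PMG tools it mentions. It consumes a constructed event stream in a Falco-like JSON-lines shape (field names such as `evt.type`, `proc.pid`, `proc.ppid`, `proc.name`, `fd.name`, `fd.sip` and `fd.sport` are assumed to match what an eBPF-backed sensor would emit for a sandboxed `npm install`), correlates events per process, and flags a lifecycle script that reads credential files and then opens a network connection. The credential paths, process ids and TEST-NET addresses are all constructed.

```python
"""Behavioural detection of credential access during a package install.

Added example, not the speaker's code and not the vet/PMG implementation.
Events are correlated per process so that the rule fires on *which process*
touched a credential file, not merely on the file being opened: the package
manager itself legitimately reads ~/.npmrc, but an install/postinstall script
it spawns has no business doing so, let alone connecting out afterwards.
"""
import json
from collections import defaultdict

# Assumed credential locations for a CI user; adjust to your own runners.
CREDENTIAL_PATHS = frozenset({
    "/home/ci/.npmrc",                 # npm auth token
    "/home/ci/.git-credentials",
    "/home/ci/.config/gh/hosts.yml",   # GitHub CLI token
    "/home/ci/.aws/credentials",
})

# Package managers that are expected to read ~/.npmrc themselves.
INSTALL_TOOLS = frozenset({"npm", "npx", "yarn", "pnpm"})

# Constructed event stream (not a real capture). pid 100 is the package
# manager, 101 a lifecycle script that reads tokens and connects out,
# 102 a benign build step, 200 an unrelated git process outside the install.
SAMPLE_EVENTS = """
{"evt.type":"execve","proc.pid":100,"proc.ppid":1,"proc.name":"npm","proc.cmdline":"npm install"}
{"evt.type":"openat","proc.pid":100,"fd.name":"/home/ci/.npmrc"}
{"evt.type":"execve","proc.pid":101,"proc.ppid":100,"proc.name":"node","proc.cmdline":"node setup.js"}
{"evt.type":"openat","proc.pid":101,"fd.name":"/home/ci/.npmrc"}
{"evt.type":"openat","proc.pid":101,"fd.name":"/home/ci/.config/gh/hosts.yml"}
{"evt.type":"connect","proc.pid":101,"fd.sip":"203.0.113.10","fd.sport":443}
{"evt.type":"execve","proc.pid":102,"proc.ppid":100,"proc.name":"node","proc.cmdline":"node build.js"}
{"evt.type":"openat","proc.pid":102,"fd.name":"/workspace/node_modules/example-dep/index.js"}
{"evt.type":"connect","proc.pid":102,"fd.sip":"203.0.113.20","fd.sport":443}
{"evt.type":"execve","proc.pid":200,"proc.ppid":1,"proc.name":"git","proc.cmdline":"git push"}
{"evt.type":"openat","proc.pid":200,"fd.name":"/home/ci/.git-credentials"}
{"evt.type":"connect","proc.pid":200,"fd.sip":"203.0.113.30","fd.sport":443}
""".strip().splitlines()


def detect(lines):
    """Return one finding per process that read a credential file while
    running as a descendant of a package manager. Severity is 'medium' for
    the read alone and 'high' if the same process also opened a network
    connection at any point in the stream."""
    ppid, pname, cmdline = {}, {}, {}
    connects = defaultdict(list)
    findings = {}

    def spawned_by_install_tool(pid):
        # True only when pid is NOT itself a package manager but has one
        # somewhere in its ancestry (i.e. it is an install-time script).
        if pname.get(pid) in INSTALL_TOOLS:
            return False
        parent = ppid.get(pid)
        while parent is not None:
            if pname.get(parent) in INSTALL_TOOLS:
                return True
            parent = ppid.get(parent)
        return False

    for line in lines:
        ev = json.loads(line)
        pid, etype = ev["proc.pid"], ev["evt.type"]
        if etype == "execve":
            # Record process tree so later file/network events can be attributed.
            ppid[pid] = ev["proc.ppid"]
            pname[pid] = ev["proc.name"]
            cmdline[pid] = ev["proc.cmdline"]
        elif etype == "openat" and ev["fd.name"] in CREDENTIAL_PATHS:
            if spawned_by_install_tool(pid):
                finding = findings.setdefault(pid, {
                    "pid": pid,
                    "cmdline": cmdline.get(pid, "?"),
                    "credential_files": [],
                    "remote": None,
                    "severity": "medium",
                })
                finding["credential_files"].append(ev["fd.name"])
        elif etype == "connect":
            connects[pid].append(f"{ev['fd.sip']}:{ev['fd.sport']}")

    # Escalate after the pass so read/connect ordering in the stream does not matter.
    for pid, finding in findings.items():
        if connects[pid]:
            finding["remote"] = connects[pid][0]
            finding["severity"] = "high"
    return [findings[p] for p in sorted(findings)]


if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(json.dumps(finding))
```

Two design points carry over to a real Falco or eBPF deployment. First, the allow-list is on process lineage, not on the file: npm opening `~/.npmrc` is normal, a child script doing it is the signal. Second, the rule is stateful across events; a single per-event condition cannot express "read a token, then connected out", so the correlation either lives in a sidecar like this one or in Falco's own process-tree fields.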