# Mini Shai-Hulud

> **TL;DR.** Mini Shai-Hulud is the fourth-generation variant of the Shai-Hulud supply-chain worm family, built by threat group TeamPCP to self-propagate across npm, PyPI, and Packagist by stealing CI/CD credentials and republishing infected packages through compromised maintainer accounts.

- **Category:** Security / Supply Chain / Developer Tools
- **Stage:** validating
- **Age:** 46 days
- **Origin date:** 2026-04-29
- **First detected:** 2026-05-12
- **Canonical URL:** https://earlyterms.com/term/mini-shai-hulud
- **Sources:** 8 primary URLs

## Definition

Mini Shai-Hulud is the fourth-generation variant of the Shai-Hulud supply-chain worm family, built by threat group TeamPCP to self-propagate across npm, PyPI, and Packagist by stealing CI/CD credentials and republishing infected packages through compromised maintainer accounts.

First detected in [April 2026](https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared) targeting SAP packages, Mini Shai-Hulud reached critical mass on May 11, 2026, when it compromised 42 TanStack packages with valid SLSA Build Level 3 provenance attestations — the first documented case of a worm defeating cryptographic supply-chain integrity controls. On May 12, 2026, TeamPCP [open-sourced the complete attack toolkit](https://www.akamai.com/blog/security-research/mini-shai-hulud-worm-returns-goes-public) on GitHub, making the worm-as-a-service available to any threat actor.

## Analogy

Think of it as a skeleton key that clones itself into every lock it opens.

## Why it's emerging now

Mini Shai-Hulud broke two npm supply-chain defenses: it forged valid SLSA Build Level 3 provenance and survived remediation via AI coding agent session hooks. TeamPCP open-sourced the full toolkit May 12, 2026 — derivatives Miasma and Hades are already active.

## Related terms

- *child:* miasma
- *parent:* supply chain attack
- *related:* protestware
- *related:* npmx
- *related:* agent-traps
- *related:* stop-hook
- *related:* claude-code
- *related:* coding-agents
- *related:* webhook-secrets
- *related:* dependency-cooldowns
- *parent:* Shai-Hulud
- *related:* SLSA

## Sources

1. [Akamai Security Research: Mini Shai-Hulud Worm Returns and Goes Public (May 12, 2026)](https://www.akamai.com/blog/security-research/mini-shai-hulud-worm-returns-goes-public)
2. [Snyk: TanStack npm Packages Hit by Mini Shai-Hulud — SLSA BL3 provenance defeated (May 12, 2026)](https://snyk.io/blog/tanstack-npm-packages-compromised/)
3. [SafeDep: Mini Shai-Hulud Strikes Again — 314 npm Packages Compromised (May 19, 2026)](https://safedep.io/mini-shai-hulud-strikes-again-314-npm-packages-compromised/)
4. [StepSecurity: TeamPCP's Mini Shai-Hulud Is Back — TanStack Self-Spreading Supply Chain Attack (May 12, 2026)](https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem)
5. [Tenable: Mini Shai-Hulud FAQ — CVE-2026-45321, CVSS 9.6, four campaign waves (May 2026)](https://www.tenable.com/blog/mini-shai-hulud-frequently-asked-questions)
6. [Semgrep: Mini Shai-Hulud Spreads to Packagist via Malicious Intercom PHP Composer Plugin (May 2026)](https://semgrep.dev/blog/2026/malicious-intercom-php-package-spreads-mini-shai-hulud-attack-to-packagist-via-composer-plugin/)
7. [Socket: Mini Shai-Hulud, Miasma, and Hades Target Bioinformatics and MCP Developers (Jun 13, 2026)](https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-worms-target-bioinformatics-and-mcp-developers-via-malicious)
8. [Cloud Security Alliance: Mini Shai-Hulud Multi-Ecosystem Supply Chain Attack Research Note](https://labs.cloudsecurityalliance.org/research/csa-research-note-mini-shai-hulud-multi-ecosystem-supply-cha/)

---
_Generated by EarlyTerms · https://earlyterms.com/term/mini-shai-hulud_