SAP npm Packages Hit by Malicious Supply Chain Attack

Multiple Security Firms Issue Joint Warning: SAP npm Ecosystem Under Supply Chain Attack

Multiple cybersecurity research organizations have jointly issued a warning about an ongoing supply chain attack targeting SAP-related npm packages. The threat actor, self-identified as "Mini Shai-Hulud," has injected credential-stealing malicious code into several npm packages associated with SAP JavaScript and cloud applications, affecting a large number of enterprise developers.

According to a joint report from security firms including Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, this attack campaign has compromised multiple npm packages closely tied to the SAP ecosystem, posing a serious software supply chain security threat.

Attack Methodology: Precision Targeting of Enterprise Development Ecosystems

The core technique of this attack involves tampering with SAP-related npm packages by injecting malicious code designed to steal sensitive credentials from developers and enterprise users. The choice of the SAP ecosystem as a target is no coincidence — as one of the world's largest enterprise software vendors, SAP's JavaScript SDK and cloud platform development tools are relied upon by tens of thousands of enterprises.

The name "Mini Shai-Hulud" is borrowed from the sandworm in the science fiction novel Dune, suggesting that the malware lurks like a threat hidden deep beneath the desert, concealed within seemingly legitimate packages and waiting to strike. Once a developer installs or updates an infected package in their project, the malicious code executes automatically, exfiltrating sensitive information such as environment variables, API keys, and database credentials to servers controlled by the attacker.

AI Era Amplifies Supply Chain Security Challenges

Notably, as AI technology becomes widely adopted in software development, the risks of supply chain attacks are being further amplified. An increasing number of developers rely on AI coding assistants to automatically generate dependency configurations, yet AI models may fail to identify tampered malicious versions when recommending packages. This makes supply chain attacks even more covert and efficient in the era of AI-assisted development.

Furthermore, enterprises today heavily depend on open-source ecosystems when building AI applications. From large language model inference frameworks to data processing pipelines, third-party dependencies on package management platforms such as npm and PyPI are ubiquitous. A single critical package being compromised could lead to credential leaks across the entire AI development pipeline, potentially triggering large-scale data security incidents.

Security Recommendations and Countermeasures

Security researchers advise developers to take the following immediate actions:

• Audit project dependencies: Check whether your projects use any affected SAP-related npm packages and verify whether currently installed versions are known compromised versions
• Enable lock file mechanisms: Use package-lock.json or yarn.lock to pin dependency versions, preventing automatic pulls of tampered new releases
• Deploy supply chain security tools: Integrate supply chain security scanning tools such as Socket and Snyk for real-time monitoring of dependencies
• Rotate sensitive credentials: If any affected packages have been installed, immediately rotate all potentially exposed API keys and access credentials

Outlook: Software Supply Chain Security Demands Systematic Defense

This incident once again sounds the alarm on open-source software supply chain security. As enterprise digital transformation accelerates and AI technology proliferates, the software supply chain has become a high-value target in the eyes of attackers. Industry experts urge enterprises to incorporate supply chain security into their overall security strategy, establishing end-to-end protection systems spanning code auditing, dependency management, and runtime monitoring to effectively counter increasingly sophisticated supply chain threats.