# SAP NPM Packages Targeted in Supply Chain Attack: "Mini Shai-Hulud" Exploits Package Managers to Bypass Security


A sophisticated supply chain attack targeting SAP-related Node Package Manager (NPM) packages has exposed vulnerabilities in dependency management practices. The campaign, dubbed "Mini Shai-Hulud," leveraged preinstall hooks to inject malicious code that executes a Bun binary designed to circumvent security monitoring tools, highlighting the ongoing risk of compromised dependencies in enterprise software development environments.


## The Threat


Researchers discovered that malicious actors compromised NPM packages associated with SAP, injecting a preinstall hook that automatically executes during package installation. The hook's primary function was to fetch and execute a Bun binary—a JavaScript runtime alternative to Node.js—that operates outside the visibility of traditional security monitoring solutions.


Key characteristics of the attack:


  • Attack Vector: Preinstall hooks in compromised NPM packages
  • Payload Delivery: Automated download and execution of Bun binaries
  • Objective: Bypass endpoint detection and response (EDR) and security information and event management (SIEM) tools
  • Target Scope: SAP-related development environments and dependencies

    • The attack demonstrates a concerning trend: threat actors are becoming increasingly sophisticated in exploiting the software supply chain, targeting the dependencies that organizations implicitly trust as part of their build and deployment pipelines.


    ## Background and Context


    ### Why NPM Packages Matter


    NPM (Node Package Manager) is the primary package registry for JavaScript and Node.js development. With millions of packages available, NPM has become critical infrastructure for modern software development—particularly in web applications, backend services, and cloud-native environments. This ubiquity makes NPM an attractive target for supply chain attacks.


    The supply chain attack landscape:


    Organizations typically vet their direct dependencies but often lack visibility into transitive dependencies—packages required by the packages they actually use. This creates a vast attack surface that threat actors routinely exploit.


    ### SAP as a Target


    SAP systems manage critical business processes for organizations worldwide, from enterprise resource planning (ERP) to human capital management (HCM) and supply chain operations. A compromised SAP-adjacent NPM package could potentially affect:


  • Development workflows for SAP extensions and custom integrations
  • CI/CD pipelines that build and deploy SAP-related applications
  • Internal tools and utilities used by development teams working with SAP environments

    • By targeting SAP specifically, attackers focused on enterprises with substantial security budgets and sensitive operational data—maximizing the potential impact of a successful compromise.


    ## Technical Details


    ### How Preinstall Hooks Work


    NPM allows package authors to define lifecycle scripts that execute at various stages of package installation. The preinstall hook runs before the package files are extracted and integrated into the project. This timing is critical: by the time security tools scan for malicious content, the hook has already executed.


    The attack flow:


    1. Developer runs: npm install [compromised-package]
2. NPM downloads the package manifest
3. preinstall hook triggers automatically
4. Malicious script executes with developer's privileges
5. Bun binary is downloaded from attacker-controlled server
6. Binary executes, establishing persistence or exfiltrating data
7. Package installation completes normally (raising no suspicion)

    ### The Bun Binary Payload


    Bun is a legitimate, open-source JavaScript runtime designed as a faster alternative to Node.js. However, in this attack, it served as an obfuscation and evasion mechanism:


  • Why Bun? Many organizations monitor for suspicious Node.js process creation but may not have comparable detection for Bun processes
  • Evasion benefit: Running code through Bun, rather than Node.js or shell scripts, obscures the malicious intent and may bypass process-based detection rules
  • Execution isolation: Bun runs in its own context, potentially evading parent process monitoring and API hooks that target Node.js specifically

    • The attack represents a deliberate choice to exploit gaps in security monitoring—attackers identified that enterprise EDR solutions often focus on well-known runtimes and attack vectors, leaving alternative execution environments like Bun relatively unmonitored.


    ## Implications


    ### Affected Organizations


    While the attack specifically targeted SAP-related packages, the implications extend far beyond SAP users:


  • Development teams using compromised dependencies faced potential code execution within their build environments
  • CI/CD pipelines may have been compromised without detection, potentially allowing attackers to inject malicious code into production applications
  • Supply chain partners downstream could inherit compromised code, creating cascading risks
  • Enterprises with strict dependency controls were less affected, but those with permissive package policies faced significant risk

    • ### The Broader Risk


    This attack illustrates a critical vulnerability in how modern software development manages trust:


    | Aspect | Risk |

    |--------|------|

    | Dependency Explosion | Modern applications depend on hundreds or thousands of packages; auditing all is impractical |

    | Implicit Trust | Developers rarely audit package source code; they assume npm.org vetting is sufficient |

    | Automation Blindness | Automated tooling runs with full system privileges; a preinstall hook inherits the privilege level of npm install |

    | Monitoring Gaps | EDR solutions are tuned for known attack patterns; novel execution methods (like Bun) may evade detection |

    | Speed vs. Security | Development pressure to ship features often conflicts with dependency security reviews |


    ### Enterprise Impact


    For organizations using affected SAP packages:


  • Potential code injection into production systems
  • Data exfiltration from development or staging environments
  • Credential compromise if the binary accessed stored API keys or tokens
  • Compliance violations if customer or sensitive business data was accessed
  • Reputational damage if the compromise became public

    • ## Recommendations


    ### For Development Teams


    1. Audit Current Dependencies

    - Run npm audit and review reported vulnerabilities

    - Use npm list to identify all transitive dependencies

    - Check GitHub advisories for high-risk packages


    2. Implement Dependency Pinning

    - Use exact versions in package-lock.json or yarn.lock

    - Avoid wildcard version constraints that auto-update

    - Review and approve any dependency updates manually


    3. Restrict Lifecycle Scripts

    - Use npm install --ignore-scripts when installing untrusted packages

    - Configure .npmrc to disable automatic script execution where possible

    - Require explicit approval for preinstall, postinstall, and prepare hooks


    ### For Security Teams


    1. Monitor Runtime Behavior

    - Log all process creation during CI/CD pipelines

    - Alert on unusual process execution (e.g., downloading binaries, network connections from build agents)

    - Monitor for Bun and other alternative runtimes that may indicate evasion


    2. Implement Software Bill of Materials (SBOM)

    - Require SBOMs for all third-party software

    - Automatically scan SBOMs against known vulnerability databases

    - Establish a baseline of "approved" dependencies


    3. Isolate Build Environments

    - Run CI/CD jobs in containers with minimal privileges

    - Use network segmentation to restrict outbound connections from build agents

    - Regularly rotate credentials used by build systems


    ### For Organizations


    1. Adopt Zero-Trust for Supply Chain

    - Assume any dependency could be compromised

    - Implement code signing and verification for critical packages

    - Consider using only packages with demonstrated security track records and active maintainers


    2. Regular Incident Response Drills

    - Conduct tabletop exercises simulating supply chain compromises

    - Establish procedures to quickly identify affected internal systems

    - Maintain a plan to rapidly roll back or remediate compromised code


    3. Vendor Communication

    - Engage with SAP and other vendors about security practices

    - Request transparency regarding dependencies and security controls

    - Include supply chain security requirements in vendor contracts


    ## Conclusion


    The "Mini Shai-Hulud" attack demonstrates that supply chain security remains a critical weakness in modern software development. By targeting NPM packages and using legitimate-but-obscure runtimes to bypass detection, threat actors continue to evolve their tactics.


    Organizations must move beyond reactive vulnerability scanning to proactive dependency management, runtime monitoring, and zero-trust principles. The attack surface created by software dependencies is unlikely to shrink—making robust, multi-layered defenses essential for any organization building or deploying software in 2026.