At 4:11 AM UTC on November 24th, a number of our SDKs and other packages were compromised by a malicious self-replicating worm, Shai-Hulud 2.0. New versions were published to npm, which contained a preinstall script that:

- Scanned the environment the install script was running in for credentials of any kind using Trufflehog, an open-source security tool that searches codebases, Git histories, and other data sources for secrets.
- Exfiltrated those credentials by creating a new public repository on GitHub and pushing the credentials to it.
- Used any npm credentials found to publish malicious packages to npm, propagating the breach.

By 9:30 AM UTC, we had identified the malicious packages, deleted them, and revoked the tokens used to publish them. We also began the process of rolling all potentially compromised credentials pre-emptively, although we had not at the time established how our own npm credentials had been compromised (we have now, details below).

The attack only affected our JavaScript SDKs published in npm. The most relevant compromised packages and versions were:

- posthog-node 4.18.1, 5.13.3 and 5.11.3
- posthog-js 1.297.3
- posthog-react-native 4.11.1
- posthog-docusaurus 2.0.6
- posthog-react-native-session-replay@1.2.2
- @posthog/agent@1.24.1
- @posthog/ai@7.1.2
- @posthog/cli@0.5.15

If you are using the script version of PostHog, you were not affected, since the worm spread via the preinstall step when installing your dependencies on your development/CI/production machines.

If you are using one of our JavaScript SDKs, our recommendations are to:

- Look for the malicious files locally, in your home folder, or your document roots:

    find . -name "setup_bun.js" \
      -o -name "bun_environment.js" \
      -o -name "cloud.json" \
      -o -name "contents.json" \
      -o -name "environment.json" \
      -o -name "truffleSecrets.json"

- Check npm logs for suspicious entries:

    grep -R "shai" ~/.npm/_logs
    grep -R "preinstall" ~/.npm/_logs

- Delete any cached dependencies:

    rm -rf node_modules
    npm cache clean --force
    pnpm cache delete

- Pi...
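
The file and log checks above find traces of an install that already ran; a lockfile check shows whether a project resolves to one of the listed versions at all. The following is an added example, not code from the original post or from PostHog: the function name findCompromised and the sample lockfile are constructed for illustration, and the version list is copied from the list above.

```javascript
// Compromised package name -> versions, copied from the list in the post above.
const COMPROMISED = new Map([
  ["posthog-node", ["4.18.1", "5.13.3", "5.11.3"]],
  ["posthog-js", ["1.297.3"]],
  ["posthog-react-native", ["4.11.1"]],
  ["posthog-docusaurus", ["2.0.6"]],
  ["posthog-react-native-session-replay", ["1.2.2"]],
  ["@posthog/agent", ["1.24.1"]],
  ["@posthog/ai", ["7.1.2"]],
  ["@posthog/cli", ["0.5.15"]],
]);
// Return every entry of a parsed package-lock.json that resolves to a listed
// version. Covers lockfileVersion 2/3 (flat "packages" map keyed by install
// path) and the older v1 nested "dependencies" tree.
function findCompromised(lock) {
  const hits = [];
  const check = (name, version, where) => {
    if ((COMPROMISED.get(name) || []).includes(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry
      // Aliased installs carry an explicit "name"; otherwise use the text after
      // the last "node_modules/", which handles nested and scoped packages.
      const cut = path.lastIndexOf("node_modules/") + "node_modules/".length;
      check(meta.name || path.slice(cut), meta.version, path);
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        check(name, meta.version, trail + name);
        walk(meta.dependencies, trail + name + " > ");
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}
// Constructed sample lockfile, not taken from a real project.
const sampleLock = {
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/posthog-js": { version: "1.297.3" },
    "node_modules/posthog-node": { version: "5.13.2" },
    "node_modules/some-lib/node_modules/@posthog/ai": { version: "7.1.2" },
  },
};
console.log(findCompromised(sampleLock));
```

To scan a real project, pass the function the result of JSON.parse on the project's package-lock.json. pnpm and yarn lockfiles use different formats and are not covered by this example.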
First seen: 2025-11-29 21:45
Last seen: 2025-11-30 02:45