Shai-Hulud Goes Open Source
ID: b20aa121-f549-55ec-9c10-93f79f443399
STIX ID: report--b20aa121-f549-55ec-9c10-93f79f443399
Feed Name: Datadog Security Labs
On 2026-05-12 a GitHub repository briefly published what appears to be the full source for “Shai-Hulud,” a production-grade TypeScript/Bun offensive framework attributed to TeamPCP. The framework implements credential harvesting, CI/CD and package-registry poisoning, encrypted exfiltration (AES-256-GCM + RSA-4096), provenance forgery using Sigstore, and persistence via developer IDE and AI-assistant hooks. The code maps to previously observed compiled artifacts, contains hardened anti-analysis features (per-build string scrambling, obfuscation), and includes coercive deadman-switch behavior and GitHub-based crypto-signed C2 rotation, creating a high-risk supply-chain threat with widespread operational impact.
