
Socket Named a Supply Chain Innovator in Latio's 2026 Application Security Market Report

Latio's 2026 Application Security Market Report highlights supply chain malware and the securing of AI-generated code as the top security concerns for practitioners. The report emphasizes the inadequacy of traditional CVE scanning, citing the multi-wave Shai Hulud campaign—which compromised over 500 npm packages, exposed GitHub secrets, and targeted AI toolchains—as evidence that proactive dependency analysis is essential.

Confidence: high
Analyzed: 2026-03-05
Category: reports
Actors: Shai Hulud campaign; SANDWORM_MODE variant

Source: Socket

Key Takeaways

  • Supply chain malware and securing AI-generated code are the top application security concerns for 2026, accounting for 84% of practitioner responses.
  • The Shai Hulud campaign is highlighted as a major supply chain threat, evolving through multiple waves including the tinycolor compromise and malicious CrowdStrike packages.
  • The v2 wave of the Shai Hulud campaign successfully exposed secrets from tens of thousands of GitHub repositories.
  • A new variant of the campaign, SANDWORM_MODE, is actively targeting AI toolchains.
  • Traditional CVE detection is insufficient for modern supply chain security; proactive behavioral analysis of packages is required.

Affected Systems

  • npm packages
  • GitHub repositories
  • AI toolchains
  • Developer environments

Attack Chain

The article briefly outlines the progression of the Shai Hulud supply chain campaign. It began with the compromise of the 'tinycolor' package, expanded by leveraging malicious packages masquerading as CrowdStrike updates (affecting over 500 npm packages), and evolved into a v2 wave designed to exfiltrate secrets from tens of thousands of GitHub repositories. Most recently, the campaign introduced a SANDWORM_MODE variant specifically targeting AI toolchains.

Detection Availability

  • YARA Rules: No
  • Sigma Rules: No
  • Snort/Suricata Rules: No
  • KQL Queries: No
  • Splunk SPL Queries: No
  • EQL Queries: No
  • Other Detection Logic: No

No specific detection rules or queries are provided in the article.

Detection Engineering Assessment

  • EDR Visibility: None — Standard EDR typically does not monitor the internal behavior of package registry downloads or source code dependencies directly during the build process.
  • Network Visibility: Low — Network traffic for package downloads is encrypted (HTTPS) and blends with legitimate developer activity, making it difficult to spot malicious payloads without SSL inspection and specific threat intelligence.
  • Detection Difficulty: Hard — Malicious packages often mimic legitimate ones and execute during the build/install phase, requiring specialized Software Composition Analysis (SCA) or behavioral analysis tools to detect anomalies before CVEs are published.

Required Log Sources

  • CI/CD pipeline logs
  • Package manager logs (npm, pip, etc.)

Hunting Hypotheses

  • Hypothesis: Monitor for unexpected outbound network connections originating from package manager processes (e.g., npm, pip) during the pre-install or install phases, which may indicate secret exfiltration.
  • Telemetry: Process execution and network connection logs
  • ATT&CK Stage: Execution/Exfiltration
  • FP Risk: High (many legitimate packages download additional resources during installation)

Control Gaps

  • Traditional CVE scanners
  • Standard EDR on developer endpoints

Key Behavioral Indicators

  • Unexpected pre-install or post-install scripts in npm packages
  • Access to environment variables or local secret files during package installation
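Added example (not code from Socket or the Latio report) showing how the two indicators above can be checked on a package before it is installed: it lists the npm lifecycle hooks declared in a package.json and scans the script those hooks run for environment-variable and secret-file access. The sample package contents and the detection patterns are constructed for this example.

```python
import json
import re

# npm lifecycle hooks that run automatically during `npm install`
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Patterns for env-var and secret-file access in install-time scripts (constructed for this example)
SECRET_PATTERNS = (
    (r"process\.env\b", "reads environment variables"),
    (r"\.npmrc\b", "references the npm auth token file"),
    (r"\.aws/credentials", "references AWS credentials"),
    (r"\.ssh/", "references the SSH key directory"),
    (r"\b(GITHUB_TOKEN|NPM_TOKEN|AWS_SECRET_ACCESS_KEY)\b", "names a well-known secret variable"),
)

def install_hooks(package_json: str) -> dict:
    """Return the lifecycle scripts npm would run at install time for this package."""
    scripts = json.loads(package_json).get("scripts", {})
    return {hook: cmd for hook, cmd in scripts.items() if hook in INSTALL_HOOKS}

def secret_access_findings(script_source: str) -> list:
    """List (line number, reason) for every line touching env vars or secret files."""
    findings = []
    for lineno, line in enumerate(script_source.splitlines(), 1):
        for pattern, reason in SECRET_PATTERNS:
            if re.search(pattern, line):
                findings.append((lineno, reason))
    return findings

def assess_package(package_json: str, files: dict) -> list:
    """Correlate both indicators: an install hook whose script (looked up in `files`) touches secrets."""
    alerts = []
    for hook, cmd in install_hooks(package_json).items():
        for name, source in files.items():
            if name in cmd:  # the hook command invokes this file from the package
                for lineno, reason in secret_access_findings(source):
                    alerts.append(f"{hook} -> {name}:{lineno} {reason}")
    return alerts

# Constructed sample package: a postinstall hook that reads a token and the npm auth file
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "example-widget", "version": "1.0.0",
    "scripts": {"test": "jest", "postinstall": "node setup.js"},
})
SAMPLE_FILES = {
    "setup.js": "const fs = require('fs');\nconst token = process.env.NPM_TOKEN;\n"
                "const rc = fs.readFileSync(process.env.HOME + '/.npmrc');\n",
    "index.js": "module.exports = () => 'hello';\n",
}
```

Run `assess_package(SAMPLE_PACKAGE_JSON, SAMPLE_FILES)` against an unpacked tarball's files to get one alert per suspicious line reached from an install hook; a package with no install hooks produces no alerts regardless of its other code.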

False Positive Assessment

  • Low

Recommendations

Immediate Mitigation

  • Audit npm dependencies for known compromised packages related to the Shai Hulud campaign and its variants.

Infrastructure Hardening

  • Implement proactive supply chain security tools that analyze package behavior rather than relying solely on CVE databases.
  • Enforce strict egress filtering on CI/CD build runners to prevent unauthorized data exfiltration during package installation.

User Protection

  • Restrict developer environment access to sensitive secrets to limit the blast radius if a malicious package is executed locally.

Security Awareness

  • Train developers on the risks of blindly trusting AI-generated code and the dependencies it introduces without proper scrutiny.

MITRE ATT&CK Mapping

  • T1195.002 - Supply Chain Compromise: Compromise Software Supply Chain
  • T1552 - Unsecured Credentials