SuperSurkhet npm packages carried Shai-Hulud
Part of the Shai-Hulud hits npm and PyPI campaign
JFrog listed 2 SuperSurkhet npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface.
Story
SuperSurkhet entered the May 2026 Shai-Hulud wave through both sides of a small toolchain: @supersurkhet/cli and @supersurkhet/sdk. JFrog listed twelve affected releases across those two npm packages.
CLI and SDK packages are useful to a self-spreading package worm because they often execute in developer contexts. The install may happen on a laptop, build runner, or automation host with npm tokens, GitHub access, cloud credentials, SSH keys, and other secrets available in the environment.
This record scopes the SuperSurkhet artifacts separately from the campaign aggregate. The broader Shai-Hulud page carries TeamPCP's shared tooling and propagation behavior; this page keeps the package names, versions, dates, and registry paths precise enough for exposure checks.
The right response starts with dependency evidence. If either SuperSurkhet package resolved to one of the listed versions during May 11-12, the system that installed it should be treated as a potential credential source and reviewed before it publishes or deploys anything else.
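The dependency-evidence check described above, as an added example that is not part of this record or JFrog's tooling: it walks a package-lock.json (both the nested lockfile v1 layout and the flat v2/v3 layout) and reports every resolved version of the two SuperSurkhet packages, including transitive installs. The record does not list the twelve affected release numbers, so the AFFECTED set holds constructed placeholders to be replaced from the JFrog advisory; the sample lockfile is likewise constructed.

```python
"""Exposure check for the SuperSurkhet npm packages named in this record.

Added example, not tooling from JFrog or from this record's source.
Version numbers in AFFECTED and SAMPLE_LOCK are constructed placeholders:
the record does not list the affected releases, so fill AFFECTED in from
JFrog's advisory before relying on the 'affected' status.
"""
import json
from collections import defaultdict

WATCHED = {"@supersurkhet/cli", "@supersurkhet/sdk"}

# Placeholder values, NOT the real affected releases; replace from the advisory.
AFFECTED = {
    "@supersurkhet/cli": {"0.0.0-placeholder"},
    "@supersurkhet/sdk": {"0.0.0-placeholder"},
}


def resolved_versions(lock):
    """Return {package: sorted versions} for watched packages, any lockfile version."""
    found = defaultdict(set)

    # lockfileVersion 2/3: flat "packages" map keyed by install path, e.g.
    # "node_modules/some-dep/node_modules/@supersurkhet/sdk" for a transitive copy.
    for path, meta in lock.get("packages", {}).items():
        name = meta.get("name") or path.split("node_modules/")[-1]
        if name in WATCHED and "version" in meta:
            found[name].add(meta["version"])

    # lockfileVersion 1: nested "dependencies" tree, walked recursively.
    def walk(deps):
        for name, meta in deps.items():
            if name in WATCHED and "version" in meta:
                found[name].add(meta["version"])
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return {k: sorted(v) for k, v in found.items()}


def assess(lock, affected=AFFECTED):
    """Classify each resolved version as 'affected' or 'review'.

    'review' is deliberate: a version missing from the affected set is not
    evidence of safety until that set has been confirmed against the advisory.
    """
    report = []
    for name, versions in resolved_versions(lock).items():
        for v in versions:
            status = "affected" if v in affected.get(name, set()) else "review"
            report.append((name, v, status))
    return sorted(report)


# Constructed sample lockfile (v3 layout): one direct and one transitive hit.
SAMPLE_LOCK = json.loads("""{
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/@supersurkhet/cli": {"version": "0.0.0-placeholder"},
    "node_modules/some-dep": {"version": "2.1.0"},
    "node_modules/some-dep/node_modules/@supersurkhet/sdk": {"version": "9.9.9"},
    "node_modules/left-pad": {"version": "1.3.0"}
  }
}""")

if __name__ == "__main__":
    # Run against a real lockfile with: json.load(open("package-lock.json"))
    for name, version, status in assess(SAMPLE_LOCK):
        print(f"{status:9} {name}@{version}")
```

Any hit, whether 'affected' or 'review', is the trigger the paragraph above describes: the host that performed that install within the May 11-12 window should be reviewed for exposed npm tokens, GitHub access, cloud credentials and SSH keys before it publishes or deploys again.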
Affected Artifacts
- @supersurkhet/cli (npm)
  - Observed: 2026-05-11 to 2026-05-12
  - Fixed: Not listed
- @supersurkhet/sdk (npm)
  - Observed: 2026-05-11 to 2026-05-12
  - Fixed: Not listed
Incident Context
- Motive: Credential Theft
- Attribution: Group
- Cause: Compromised Account Credentials
- Transitive: Yes
- Actor: TeamPCP
Notes
- Minimal campaign-linked record created to keep Shai-Hulud package evidence scoped by vendor, organization, maintainer account, or package distribution surface.
External References
- Shai-Hulud: Here We Go Again - Worm by TeamPCP Hits NPM and PyPI (research.jfrog.com)
Source record: oss/attacks/shai-hulud-supersurkhet-npm/meta.yaml