Tolka npm package carried Shai-Hulud
Part of the Shai-Hulud hits npm and PyPI campaign
JFrog listed 1 Tolka npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface.
Story
Tolka was represented in the May 2026 Shai-Hulud wave by @tolka/cli. JFrog listed five affected npm releases, making the package another command-line distribution path for TeamPCP's credential-stealing loader.
CLI packages are valuable because they run where developers and CI systems prepare work. The affected Tolka releases could execute in environments holding npm publish tokens, GitHub credentials, cloud secrets, SSH keys, and other material the worm could use to spread.
This record keeps the Tolka package scoped to its own trust boundary. The broader campaign page carries the shared TeamPCP tooling, infrastructure, and propagation behavior; this page preserves the exact package name, affected versions, registry locations, and May 11-12 exposure window.
The cleanup workflow is package-led: search lockfiles, caches, build images, and CI logs for the listed @tolka/cli versions, then rotate credentials for any environment that installed them and review whether that environment published packages afterward.
Affected Artifacts
- Observed: 2026-05-11 to 2026-05-12
- Fixed: Not listed
Incident Context
- Motive: Credential Theft
- Attribution: Group
- Cause: Compromised Account Credentials
- Transitive: Yes
- Actor: TeamPCP
Notes
- Minimal campaign-linked record created to keep Shai-Hulud package evidence scoped by vendor, organization, maintainer account, or package distribution surface.
External References
- Shai-Hulud: Here We Go Again - Worm by TeamPCP Hits NPM and PyPI (research.jfrog.com)
Source record: oss/attacks/shai-hulud-tolka-npm/meta.yaml