Web Story

Shai-Hulud 2.0: The npm Worm Spreading Through SAP and Intercom Packages This Week

The Shai-Hulud npm worm is back — using preinstall hooks and the Bun runtime to bypass Node.js security tooling.

Security

Shai-Hulud 2.0

What SaaS teams need to change this weekend.

Topics Covered

What this breaks down

Key security concepts for founders shipping in 2026.

  • npm
  • security
  • supply chain
  • shai-hulud

Why It Matters

Security debt is real and expensive

The Takeaway

Read the full guide

A 10-minute read with practical advice and real trade-offs for founders who want to ship without regret.