Security that moves fast: Docker’s response to Shai Hulud 2.0

Posted Nov 24, 2025

On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a compounding threat that moved at container speed, not human speed.

This variant moved its payload into npm’s preinstall lifecycle script, so it ran before the package had finished installing and before any post-install scan would have looked at it. It harvested developer credentials, GitHub tokens, and cloud provider secrets, then exfiltrated them to public GitHub repositories labeled “Sha1-Hulud: The Second Coming.” Those public dumps became a secondary attack vector: the actors recycled the stolen npm and GitHub tokens to publish additional malicious package versions under legitimate maintainers’ names. Researchers tracked approximately 1,000 new compromised repositories appearing every 30 minutes at the attack’s peak.

For teams using npm packages in their containerized applications, the exposure was twofold: the immediate credential theft from any build or developer machine that ran the poisoned preinstall script, and a longer-lived supply chain compromise, because a compromised version pinned in a lockfile or pulled in transitively is rebuilt into every subsequent image until someone notices.

Docker’s real-time response architecture

According to Google Mandiant’s analysis of 2023 vulnerabilities, the average time-to-exploit has collapsed from 63 days in 2018-19 to just five days. Self-propagating campaigns like Shai Hulud compress that window further, from days to hours, because each stolen token is used to publish the next malicious package without waiting for a human operator.

Within hours of security researchers publishing indicators of compromise, Docker Security created DSA-2025-1124, a Docker Security Advisory that encoded detection rules for the Shai Hulud 2.0 malware signatures. This advisory immediately entered Docker Scout’s continuous monitoring pipeline, where it followed the same automated workflow that handles CVE ingestion.

Here’s how the protection deployed:

Automatic threat intelligence ingestion: Docker Scout continuously ingests security intelligence from multiple published sources. Scout’s ingestion pipeline identified the malicious package indicators and malware signatures from these sources and propagated them within seconds.

Instant supply chain analysis: Docker Scout cross-referenced the threat intelligence against SBOMs from all Docker Hardened Images and from customer images under Scout protection. Matching compromised package names and versions against those SBOMs identified which images, if any, contained dependencies from the compromised package set, enabling immediate risk assessment across every monitored image.

Automated detection distribution: The DSA containing Shai Hulud 2.0 detection rules propagated through Scout’s monitoring infrastructure automatically. Every Docker Scout-protected environment gained the ability to flag malicious packages based on the latest threat intelligence, without requiring manual policy updates or signature downloads.

Continuous verification: Docker Security also scanned all Docker GitHub Enterprise repositories for the indicators (no findings), and the same SBOM-based verification confirmed that Docker Hardened Images contained no compromised packages.

From threat disclosure to deployed protection, the response cycle completed in hours. Organizations using Docker Scout received alerts identifying any exposure to the compromised packages while the attack was still unfolding, allowing them to mount a timely response and protect their infrastructure.
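The SBOM cross-reference described above is, at its core, a set intersection between the components recorded in an image’s SBOM and a list of compromised name+version pairs. The following is an added example to make that step concrete; it is not Docker Scout code. The SBOM fragment is a constructed CycloneDX-style document, and the indicator list uses hypothetical package names and versions, not the real Shai Hulud 2.0 indicators (those should be taken from the researchers’ published lists). It also reports same-name, different-version components separately, since the campaign republished legitimate packages under stolen maintainer tokens.

```python
"""Cross-reference a CycloneDX JSON SBOM against compromised npm
package versions.  Added example; not Docker Scout's implementation."""
import json
from typing import Iterator, List, Optional, Set, Tuple
from urllib.parse import unquote

Pkg = Tuple[str, str]  # (package name, exact version)

# Constructed, hypothetical indicators of compromise.  A real IoC feed
# would be ingested from the published research, not hard-coded.
COMPROMISED: Set[Pkg] = {
    ("@example-org/cli-helper", "4.2.1"),  # hypothetical
    ("example-sdk", "9.9.9"),              # hypothetical
}

# Constructed CycloneDX 1.5-style SBOM, reduced to the fields we need.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "group": "@example-org", "name": "cli-helper",
         "version": "4.2.1",
         "purl": "pkg:npm/%40example-org/cli-helper@4.2.1"},
        {"type": "library", "name": "example-sdk", "version": "9.9.8",
         "purl": "pkg:npm/example-sdk@9.9.8"},
        {"type": "library", "name": "express", "version": "4.19.2",
         "purl": "pkg:npm/express@4.19.2"},
        # No purl: exercises the group/name/version fallback below.
        {"type": "library", "name": "left-pad", "version": "1.3.0"},
    ],
})


def parse_npm_purl(purl: str) -> Optional[Pkg]:
    """Return (name, version) for a pkg:npm purl, else None.

    Scoped packages arrive percent-encoded ("%40scope/name"), and a purl
    may carry qualifiers ("?...") or a subpath ("#...") after the version.
    Unpinned purls (no version) are ignored rather than guessed at.
    """
    if not purl.startswith("pkg:npm/"):
        return None
    rest = purl[len("pkg:npm/"):]
    rest = rest.split("?", 1)[0].split("#", 1)[0]
    name, sep, version = rest.rpartition("@")
    if not sep or not name or not version:
        return None
    return unquote(name), version


def npm_components(sbom_json: str) -> Iterator[Pkg]:
    """Yield every npm (name, version) in a CycloneDX JSON document.

    Prefers the purl; falls back to group/name/version when absent.
    """
    doc = json.loads(sbom_json)
    for comp in doc.get("components", []):
        parsed = parse_npm_purl(comp.get("purl", ""))
        if parsed is None and comp.get("name") and comp.get("version"):
            group = comp.get("group")
            name = f"{group}/{comp['name']}" if group else comp["name"]
            parsed = (name, comp["version"])
        if parsed is not None:
            yield parsed


def find_exposure(sbom_json: str, iocs: Set[Pkg]) -> List[Pkg]:
    """Exact name+version matches: the image contains a compromised release."""
    return sorted(set(npm_components(sbom_json)) & iocs)


def find_same_name(sbom_json: str, iocs: Set[Pkg]) -> List[Pkg]:
    """Same package, different version: not a confirmed hit, but worth
    review because compromised maintainers may have published more."""
    ioc_names = {name for name, _ in iocs}
    present = set(npm_components(sbom_json))
    return sorted(p for p in present if p[0] in ioc_names and p not in iocs)


if __name__ == "__main__":
    for hit in find_exposure(SAMPLE_SBOM, COMPROMISED):
        print("COMPROMISED  %s@%s" % hit)
    for near in find_same_name(SAMPLE_SBOM, COMPROMISED):
        print("REVIEW       %s@%s (same name as an IoC)" % near)
```

Feed it any CycloneDX JSON SBOM exported from your image tooling; the match is on exact versions, so a pinned lockfile that resolves to a compromised release is caught, while a version range in package.json alone tells you nothing until it is resolved into an SBOM.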

Why Docker’s approach creates verifiable protection

Docker’s response to Shai Hulud 2.0 demonstrates why security architecture must assume attacks will move faster than human response times.

Real-time protection: Traditional vulnerability management treats each threat as a discrete event requiring investigation, triage, and manual remediation. Docker Scout’s architecture treats threat intelligence as streaming data, continuously updating detection capabilities the moment new indicators become available. 

Unified telemetry eliminates blind spots: The integration between Scout’s monitoring, the Docker Hardened Images build pipeline, and Docker’s supply chain tracking provides visibility into what is running and where it came from. When the Shai Hulud malware spread through the npm ecosystem, Docker’s architecture could immediately answer the first question every incident responder asks: “Do we have exposure?”

Cryptographic verification enables trust under fire: Every Docker Hardened Image ships with complete SBOMs, cryptographic signatures, and verifiable build provenance. During an active supply chain attack, this transparency becomes operational capability. Security teams can prove to auditors, incident responders, and leadership exactly what’s running in production, which versions are deployed, and whether any compromised packages made it through the supply chain. 

Speed that matches attack velocity: Self-propagating malware spreads through automated exploitation, so the defense has to be automated too. Docker’s detection pipeline doesn’t wait for security teams to file tickets or schedule maintenance windows. When threats emerge, it ingests the new indicators, verifies image integrity, and flags exposure based on recorded SBOM data rather than on a rescan of every image.

The five pillars prove themselves under pressure

Docker’s security architecture rests on five pillars: minimal attack surface, complete SBOMs, verifiable provenance, exploitability context, and cryptographic verification. During Shai Hulud 2.0 these operated as implemented controls rather than policy statements: teams could verify exposure immediately from SBOMs, prove image integrity through cryptographic signatures, and focus response on the packages that were actually weaponized. Even if your organization does not use Docker Hardened Images, Docker Scout gives you the same detection speed through Scout-generated SBOMs.

Supply chain security at container speed

We believe that modern supply chain attacks on package infrastructure will increasingly be designed to outrun traditional security response times. The only viable answer is a security architecture and response mechanism that can match that speed.

If your security team is still chasing alerts from last month’s supply chain attack, or if you’re uncertain whether your container images contain compromised dependencies, Docker offers a different approach. 

Learn more about how Docker Scout and Hardened Images deliver continuous, verifiable protection, or contact our team to discuss how real-time security architecture applies to your specific environment.