PANews reported on December 29th that 23pds, Chief Information Security Officer of SlowMist Technology, issued a security alert: a new variant of the NPM supply chain attack, "Shai-Hulud 3.0," has resurfaced. Projects and platforms are urged to take precautions. Previously, it was suspected that the Trust Wallet API key leak was caused by the Shai-Hulud 2.0 attack. Shai-Hulud is a series of self-propagating worm-like supply chain attacks targeting the NPM ecosystem, used to steal developer credentials, cloud keys, and environment secrets. The latest variant (referred to by the community as Shai-Hulud 3.0 or the new strain) was discovered on December 28, 2025, by Charlie Eriksen, a researcher at Aikido Security. Currently, its spread is limited and may only be in the testing phase.
SlowMist: Project teams should be wary of the latest variant of NPM supply chain attacks, Shai-Hulud 3.0.
Author: PA一线
